We live in a connected world. This spans the data center, healthcare IoT, and the enterprise data center. In fact, many of you reading this right now may well have a Nest or Philips Hue in your house. Some of you, like me, might have even more connected devices.
That said, let me bring you back to the events of October 21, 2016. This was the day we experienced one of the most impactful distributed denial of service (DDoS) attacks on record.
Aimed at DynDNS services, the attack was carried out, at least in part, by using a botnet created by software called Mirai. This botnet hijacked poorly secured IoT devices, like DVRs, CCTV environments, routers, and more. The attack, according to an analysis by ThousandEyes, a provider of global network monitoring services, was directed at 17 Dyn sites.
“At the height of the attack, approximately 75 percent of our global vantage points sent queries that went unanswered by Dyn’s servers,” Nick Kephart, senior director of product marketing at ThousandEyes, wrote in a blog post. “In addition, the critical nature of many of these affected services led to collateral damage, in terms of outages and performance impacts on sites that are only tangentially related to Dyn.”
As I mentioned in an earlier article, healthcare organizations are a constant target and DDoS made the top five list of the biggest security challenges impacting today’s healthcare infrastructure and data center operations.
IoT is Growing in Adoption and Becoming a Bigger Target
When we think of IoT, we usually fall back to the kinds of devices we’re familiar with. However, IoT components are finding their way into the enterprise, the data center, and certainly modern healthcare organizations.
Let me give you an example: recent research from Accenture has found that the Internet of Health Things (IoHT) is already delivering tangible cost savings, but continuous investment is essential.
The report goes on to state that by introducing more connectivity, remote monitoring and information gathering, IoHT can encourage better use of healthcare resources, more informed decisions, a reduction in inefficiencies or waste, and the empowerment of health consumers.
Estimates from the report show that the value of IoHT will top $163 billion by 2020, with a compound annual growth rate (CAGR) of 38.1 percent between 2015 and 2020.
Securing Your Network and Your Devices
At the recent Interop ITX conference, I outlined the six core components of IoT: compute, connectivity, security, analytics, ecosystem, and services. And, as you’re reading this, remember that almost every single piece of connected technology you work with will have these six components.
The question becomes, how do you secure these devices?
- Control everything that connects into your network. I’ve had the chance to work with proactive healthcare systems that can delegate and control who connects into their network and what they have access to. Most of all, managing network segmentation can help with risk mitigation and controlling a breach if one does occur. Network visibility is critical. And, in so many cases, the network acts as your key security mechanism to stop the spread of an attack. Network intelligence, scanners, and security solutions can all help reduce the risk of an attack or breach. On the network itself, you can run sensors, virtual solutions, and physical devices which help you manage connections, packets, users, and much more.
- Create security based on context and layers. Your security platform must “work” on your behalf; that is, intelligent systems can interrogate devices coming in to really understand who they are and where they’re coming from. When it comes to IoT and connected devices, contextual security can help isolate IoT solutions to their own network. From there, you can set up policies to monitor anomalous behavior and even traffic patterns. In fact, for an IoT network, you may want to set up additional thresholds and filters for extra security; for example, shutting the network or network segment down if there’s a spike in traffic. This can help keep a DDoS from flooding other parts of the network and mitigate the spread of the attack.
- Centralize and segment connected devices. If you’re going to work with IoT and connected devices, create a separate network, monitor those devices properly, and set monitors to make sure you can manage all these connected tools. From there, you can use IoT aggregation hubs that help you further control your devices. Here’s another point to remember: always know what your devices have access to. Are they accessing PHI/PII? Do they store that data or is it all just transient? This will dictate the way you set up security policies for your connected devices.
- Align users and the business when it comes to more connected devices in healthcare. I’ve been in situations where healthcare leadership imposes a new IoT or connected device policy. Then, they procure these devices and sort of “force” them on the IT teams. This disconnect will leave devices unmanaged, poorly secured, and, even in some cases, lost entirely. If you’re going to work with a connected device program, please make sure you have complete alignment between business and IT leadership units. This is the best way to gain the most value out of these devices and ensure you don’t fall into an IoT device hole.
- Always test your systems and maintain visibility. You’re going to have to be as agile as the devices that are coming into your network. New network and wireless architectures help you manage and control all those new devices coming in. In fact, leading wireless access point and wireless system manufacturers are creating solutions that specifically help you manage connected and IoT devices within the network. Never lose sight of your devices, and build a good monitoring platform now. The more things that connect into your network, the harder it will be to monitor them all.
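
Two of the checks described above, traffic thresholds on a dedicated IoT segment and knowing which devices reach PHI, can be sketched as monitoring logic over flow records. This is an added example, not code from the original article; the address ranges, PHI host list, threshold values and flow-record layout are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from statistics import median

# Constructed values for illustration: segment range, PHI hosts, thresholds.
IOT_SEGMENT = ipaddress.ip_network("10.20.0.0/24")
PHI_HOSTS = {ipaddress.ip_address("10.10.5.10")}  # hypothetical EHR database
SPIKE_FACTOR = 5    # flag a minute that exceeds 5x the median of normal minutes
MIN_BASELINE = 3    # minutes of history required before judging a spike

# Constructed flow records: (minute, source IP, destination IP, bytes sent).
SAMPLE_FLOWS = [
    (0, "10.20.0.11", "10.30.0.5", 1200),
    (0, "10.20.0.12", "10.30.0.5", 900),
    (1, "10.20.0.11", "10.30.0.5", 1100),
    (1, "10.20.0.12", "10.10.5.10", 800),      # IoT device reaching a PHI system
    (2, "10.20.0.11", "10.30.0.5", 1300),
    (2, "10.50.0.7", "10.10.5.10", 5000),      # not in the IoT segment: ignored
    (3, "10.20.0.11", "198.51.100.9", 90000),  # sudden outbound surge
    (3, "10.20.0.12", "198.51.100.9", 85000),
    (4, "10.20.0.11", "10.30.0.5", 1000),
]

def review_flows(flows):
    """Return (IoT-to-PHI pairs, minutes whose IoT traffic spiked)."""
    per_minute = defaultdict(int)
    phi_access = set()
    for minute, src, dst, nbytes in flows:
        if ipaddress.ip_address(src) not in IOT_SEGMENT:
            continue  # only traffic originating in the IoT segment is reviewed
        per_minute[minute] += nbytes
        if ipaddress.ip_address(dst) in PHI_HOSTS:
            phi_access.add((src, dst))

    spikes, history = [], []
    for minute in sorted(per_minute):
        total = per_minute[minute]
        if len(history) >= MIN_BASELINE and total > SPIKE_FACTOR * median(history):
            spikes.append(minute)   # candidate for isolating the segment
        else:
            history.append(total)   # only normal minutes feed the baseline
    return sorted(phi_access), spikes

if __name__ == "__main__":
    phi_pairs, spike_minutes = review_flows(SAMPLE_FLOWS)
    print("IoT devices reaching PHI systems:", phi_pairs)
    print("Minutes exceeding the traffic threshold:", spike_minutes)
```

Spike minutes are kept out of the baseline so that a sustained flood cannot raise the threshold it is measured against.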
There’s not going to be a slowdown when it comes to connecting healthcare systems.
Recent research from Accenture Consulting found that 73 percent of healthcare executives think IoT will be “disruptive” within three years. Remember, these aren’t just devices. These are methods to save lives and impact entire healthcare services.
Not only do you need to maintain control of these systems, you must maintain constant visibility. As much as these kinds of connected devices can help people and the healthcare infrastructure, they can also pose threats and act as points of malicious entry. Working with good partners can help put your own connected work into perspective.
The main point here is to gain control and not let your connected infrastructure become poorly managed.