- With more healthcare providers implementing connected devices, medical device security is becoming a more prominent aspect to data security plans.
South Texas-based Methodist Healthcare Ministries (MHM) recently implemented SecurityCenter Continuous View from Tenable Network Security to improve its network security. This new option will make it easier to detect potential cybersecurity vulnerabilities in network-connected medical devices, according to MHM network administrator James Kahl.
There were security concerns before the medical device security option was put in place, according to Kahl, especially with the current healthcare environment.
“Our assumption pretty much is that your perimeter’s already been gotten into, so the idea is to try and track and notify as much as possible that there’s any indicators that have been compromised on our systems,” Kahl explained in an interview with HealthITSecurity.com.
Security has been one of MHM’s biggest concern, especially recently as there have been numerous reports of large-scale healthcare data breaches.
Another benefit of the SecurityCenter option is that it will cut down on manual scanning that MHM employees need to do. As the organization has grown, there are now 100 remote users, Kahl said. Not only are there several sites, there are lots of connections coming in from the outside so it was important to be able to watch all of the traffic going back and forth.
“That way we could look for anything out of the ordinary and also monitor some of those connections with our users and our partners,” he maintained.
Kahl added that the vulnerability scanning is greatly beneficial when it comes to reviewing all of MHM’s systems. The organization’s critical servers that contain patient data, along with some of its accounting servers, need to be properly monitored.
“We use it to scan for vulnerabilities and look for any connections that are out of the ordinary,” explained Kahl. “In addition we’ve been able to identify some devices on our network that were unknown, and had kind of fallen off the radar.”
Moreover, the SecurityCenter allows MHM to see if a particular work station is connecting to a server that it should not be connecting to, or perhaps connecting to another work station. Overall though, Kahl underlined the importance of properly utilizing such tools. There is a large wealth of data that the SecurityCenter provides, but the product has been great as it has allowed MHM to use it in numerous capacities.
Medical device security is just one issue providers must consider
One of the most important aspects of strong medical device security is knowing where devices are and what they are doing. Kahl maintains that there are many hospital systems with devices that reside on the system simply because someone plugged them in one day but the system has no idea how it got there.
For example, with BYOD policies in place, new devices could be brought in for convenience but a provider’s IT department might not be aware of their existence.
The same thing would occasionally happen with MHM, Kahl added, and not everything would necessarily be brought through the IT department.
“A lot of times things would get connected that we didn’t even know about,” he said.
Making sure that devices are only communicating with the specific places they need to is also essential.
“We have a new dental sterilization tool that’s about to come out, it doesn’t need to talk to anything other than the PCs it needs to connect to,” Kahl articulated. “So any other communication beside that is an indicator that there’s a good chance that somebody is either inside our network trying to hammer on it or they’re trying to connect from the outside.”
Overall, healthcare organizations need to be able to control patient data. This is especially important when there is an onsite database, Kahl urged.
“Look for anything that transmits out,” he cautioned.
There are only a few places that information should be sent out to, and once they have been properly identified an organization will be better able to tell if there is unauthorized activity taking place.
“Anything beyond that means that there’s a chance somebody is trying to pull data out of our database or any one of the systems that can communicate with it,” he said.
It’s important to be able to reassure patients because they have entrusted sensitive information to their healthcare providers.
“Everybody thinks credit cards are horrible but patient records are worth way more than that,” Kahl added. “So anything we can do to safeguard and give them a sense of safety is of the utmost importance.”