Tackling device security in the IoT era

From the mHealthNews archive
By Eric Wicklund

As the Internet of Things moves into healthcare, activating smart devices throughout the hospital and clinic and mobile devices carried by clinicians, consumers and even administrators, securing those devices against data breaches – either accidental or deliberate – is a priority. There's no shortage of firms that have cut their teeth on the banking and retail sectors who are now targeting healthcare.

A mobile security startup is attracting interest in healthcare for its method of analyzing all those devices in a network and pinpointing when they act suspiciously.

Observable Networks, based in St. Louis, uses what's called "endpoint modeling" to track Internet use across the network, charting everything from a device accessing the Internet to a domain controller using a Google Form to a printer being activated as a web server for remote clients.

"We watch the emissions from every device that's on the network," company CEO Bryan Doerr told mHealth News. "It doesn't matter what the endpoint is – mobile devices, monitors, laptops – we watch all the traffic."


That healthcare needs this kind of scrutiny is well documented. Just take a look at the number of data breaches reported in the past month and you'll get the picture.

Ichthys IT Services, a Boston-area tech support company, recently rolled out Observable Networks' security platform to its first healthcare client. Thom Fiorini, a systems engineer with Ichthys, said healthcare is looking for security models that have worked in other industries.

"Because endpoint modeling is independent of devices or platforms it truly fits any environment - new device, new data pattern discovered, new model built, easy," he said. "If the device goes rogue and doesn't fit the baseline model, then you are notified and can make the decision that either this new data pattern is acceptable due to its particular role and may continue, thus creating a new baseline for that device, or that the device is compromised and needs to be addressed."

Doerr said healthcare is reaching a stage where security platforms are overwhelmed by the different kinds of breaches and hacking attempts – chief information security officers are dealing with lost or stolen laptops, MRI machines that can be accessed from outside the hospital, malware in doctors' smartphones, and unauthorized access to EMRs. New forms of security are trying to make the CISO's job easier by tracking changes in patterns, rather than monitoring everything that's happening on every device at every moment.

"All you have to know and recognize is that something has changed, and to react to that change as quickly as possible," he said.

Fiorini added that endpoint modeling's big benefit is that healthcare organizations do not need to install management software on every single networkable device. 

"Endpoint modeling merely watches for traffic patterns and ensures that every object that connects to your network is playing by the rules, and these rules are compared to the tens of thousands of other objects that are just like it," Fiorini explained. "For example, if I have a million servers, or desktops, or Android phones, or printers, or whatever, in the world, and these objects are behaving in a particular manner, then one can define how these devices should behave. And when one of these objects on my network, which is defined by baseline to be in one of those particular groups, begins to deviate from that standardized behavior, then I need to find out why. It is either a legitimate deviation or it is not, and only the network administrator can determine that. Once established, any deviation becomes another alert and yields another determination."

While endpoint modeling is catching on in healthcare, Fiorini cautioned that CISOs and other administrators shouldn't think of it as a be-all and end-all for security. It's a "very nice layer" that can be added on to other standard security precautions, like firewalls or anti-virus software.
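
The baseline-and-deviation workflow described in the quotes above can be sketched in a few lines. This is an added illustration, not Observable Networks' code or algorithm; the flow records, device names and the `EndpointModel` class are constructed for the example, and the "printer acting as a web server for remote clients" case is taken from the article.

```python
from collections import defaultdict

# Constructed flow records: (device, role, direction, port, peer_is_external)
BASELINE_FLOWS = [
    ("printer-01", "printer", "in", 9100, False),
    ("printer-02", "printer", "in", 9100, False),
    ("printer-02", "printer", "in", 631, False),
    ("printer-01", "printer", "out", 53, False),
    ("laptop-07", "laptop", "out", 443, True),
]
LIVE_FLOWS = [
    ("printer-01", "printer", "in", 631, False),  # seen on a peer printer: fits the role model
    ("printer-02", "printer", "in", 80, True),    # printer serving web to a remote client
    ("laptop-07", "laptop", "out", 443, True),
    ("printer-02", "printer", "in", 80, True),    # the same deviation again
]

class EndpointModel:
    """Role-level baseline plus per-device behaviours an administrator accepted."""

    def __init__(self, baseline_flows):
        self.role_baseline = defaultdict(set)    # role -> {(direction, port, external)}
        self.device_accepted = defaultdict(set)  # device -> behaviours accepted later
        for _, role, direction, port, external in baseline_flows:
            self.role_baseline[role].add((direction, port, external))

    def check(self, flow):
        """Return None if the flow fits the model, otherwise an alert dict."""
        device, role, direction, port, external = flow
        behaviour = (direction, port, external)
        if behaviour in self.role_baseline[role] or behaviour in self.device_accepted[device]:
            return None
        return {"device": device, "role": role, "behaviour": behaviour}

    def accept(self, alert):
        """Administrator ruled the deviation legitimate: it becomes part of that device's baseline."""
        self.device_accepted[alert["device"]].add(alert["behaviour"])

def run(flows, model, decide):
    """Check each flow; decide(alert) returns True to accept the change, False to flag the device."""
    flagged = []
    for flow in flows:
        alert = model.check(flow)
        if alert and not decide(alert):
            flagged.append(alert)   # treated as compromised, keeps alerting
        elif alert:
            model.accept(alert)     # new baseline for this device only
    return flagged
```

Accepting the deviation silences it for that one device only; the same behaviour on another printer still raises an alert, because the role baseline is unchanged.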

Doerr, meanwhile, sees new challenges ahead. He and other IT security providers are looking at the expansion of healthcare beyond the health system – especially via home health monitoring and telehealth. That's where programs that focus on patterns will have an advantage.

"There's some very, very vulnerable systems out there, and if they're just getting patches, they don't scale and they just don't protect," he said. "You're going to see new dimensions of (security) management come out" as the landscape changes.
