Palo Alto Networks announced the most comprehensive Internet of Things (IoT) security solution for healthcare. Palo Alto Networks IoT Security simplifies the challenge of securing the Internet of Medical Things (IoMT) through ML-powered visibility, prevention and enforcement, while offering deep insights on healthcare-specific devices and vulnerabilities. This helps improve data security and patient safety while meeting the needs of both IT teams and biomedical engineering teams.
While IoT has opened the door for innovative new services across industries, it also presents new cybersecurity risks. This is particularly true in healthcare. According to a recent report from Unit 42, 83% of medical imaging devices are running on unsupported operating systems, making them potential avenues for attackers. Attacks on medical devices like these can potentially disrupt the quality of care and allow attackers to steal patient data.
Palo Alto Networks IoT Security is designed to ensure Healthcare Delivery Organizations (HDOs) can realize the benefits of IoT for patient care — without sacrificing security. It is the industry’s only solution to use machine learning and crowd-sourced telemetry to quickly and accurately profile all devices on the network — even those never seen before. IoT Security also offers ML-powered policy recommendations to reduce manual effort; intrusion prevention to block exploits; sandboxing to detect and prevent IoT malware; and URL and DNS security to stop IoT attacks via the web.
The new healthcare and IoMT security features include:
- MDS2 Document Ingestion: Manufacturer Disclosure Statement for Medical Device Security documents allow medical device manufacturers to disclose the security-related features of their devices, allowing for deeper vulnerability analysis, tuned anomaly detection and specific recommended policies.
- Operational Insights: These insights give biomedical and clinical engineering teams visibility into how, when and where medical devices on their network are being used, allowing teams to optimize resource allocation, improve patient care, make capital planning decisions and reduce maintenance costs.
- Expanded IoMT Discovery: With the addition of many other medical-specific protocols App-ID™ now enables expanded discovery and security for unique IoMT devices and healthcare applications.
“The Internet of Medical Things has the potential to improve healthcare, save lives, and bring massive savings. But if not properly secured, these same devices can pose huge risks,” said Anand Oswal, senior vice president and general manager, Firewall as a Platform, Palo Alto Networks. “Our vision is to give healthcare organizations complete visibility, in-depth risk analysis, and built-in prevention so they can get the maximum benefits from this transformative technology while reducing risks to patients and their data.”
“Initially, Valley Health System’s primary objective was to better understand and enable vulnerability management of medical devices that connect to our network. As the initial step, we needed to identify those devices and understand how and where they connect within our infrastructure. As we looked at and explored various products, we saw great potential and benefits to identify not only biomed, but all network connected devices and systems. After several months of comparing various systems, we landed on IoT Security by Palo Alto Networks. IoT Security is simple, cloud-delivered, and can be deployed quickly,” said Miroslav Belote, chief information security officer, Valley Health System. “The installation, configuration, and initial device discovery was straight forward. Within hours of turning on the system, we began seeing results – inventory, classifications, device and device risk profiles on thousands of devices. With Palo Alto Networks’ IoT Security, we gained complete visibility to over 4,000 non-traditional IT devices, about 30% more devices than what we had prior. We now plan to extend our inventory, vulnerability detection, and prevention process and practice as an integral part of our ongoing efforts to protect our IT and IoT assets.”