Connected medical devices help clinicians deliver faster, higher quality care, but they also create an attack surface that most healthcare delivery organisations (HDOs) are not prepared to protect.
These devices lack inherent security controls, they cannot easily receive software updates, and they cannot be seen or managed by traditional security products. All of this puts sensitive data, day-to-day facility operations, and patient health at risk.
Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged medical and IoT devices.
The Armis platform discovers every device (managed, unmanaged and medical) on and off a network and analyses behaviour to identify risks to protect critical patient information and systems from attacks. It is cloud-based, agentless, and integrates easily with existing network and security products.
“Armis passively monitors wired and wireless traffic on your network and in your airspace to identify every device and to understand their behaviours without disruption.
The Armis Risk Engine then analyses this data and uses device profiles and characteristics from the Armis Device Knowledgebase to identify each device, assess their risks, detect threats, and quarantine suspicious malicious devices automatically,” said Andre Kannemeyer, CTO at Duxbury Networking, distributor of Armis solutions in South Africa.
Armis discovers and classifies every medical device, as well as regular managed and unmanaged devices, in the HOD’s environment.
It can even identify off-network devices using Wi-Fi, Bluetooth, and other IoT protocols in the organisation’s environment – a capability no other security product offers without additional hardware.
The comprehensive device inventory Armis generates includes critical information like device manufacturer, model, serial number, location, username, operating system, installed applications, FDA classification, and connections made over time.
In addition to discovering and classifying a device, Armis calculates its risk score based on factors like vulnerabilities, known attack patterns, and the behaviours observed of each device on the network.
This risk score helps the HDO security team understand the attack surface and meet regulatory requirements to identify and prioritise vulnerabilities:
Reduce data breaches
Healthcare has the highest data breach cost of any industry today, and breaches have regulatory consequences.
PII and PHI continue to be valuable targets for hackers. Armis performs real-time, ongoing risk assessments with scoring that triggers notifications or automatic mitigation actions based on device behaviour.
Through behavioural analysis and security automation, security teams can reduce the likelihood and impact of potential breaches, and the theft of patient data.
Detect and stop ransomware attacks
WannaCry and NotPetya attacks continue to impact HDOs, taking out critical medical devices like CT scanners and X-Ray machines.
Armis tracks device behaviour to identify ransomware spread, and can quarantine devices, medical or otherwise, to stop attacks in real-time.
Protect patient safety
Today’s medical devices are connected, gathering and transmitting information, and even administering patient care.
However, these devices have no inherent security, and cannot have a security agent installed on them, and you cannot scan them for fear of disrupting patient care.
Armis can identify and track medical device behaviour passively, without disruption, providing continuous, real-time device risk assessment and mitigation. It profiles all devices, connections, and identify anomalous behaviour to protect patient care.
Track medical device utilisation and inventory
Device usage and location are critical to the bottom line of any healthcare organisation. Users need to know where they are, how much they are used, or if they are sitting idle.
Armis tracks each device, its IP, and where it is on the network, letting one track devices easily, even if they move between floors or buildings.
It also sees traffic and associates use of each device for utilisation reporting, helping HDOs get the best return on investment for their medical assets.
This article was published in partnership with Duxbury Networking.