Healthcare & The Internet Of Things

A recent study by Hewlett Packard subsidiary ‘Aruba’, projected that more than 85% of healthcare organizations would have introduced IoT into their operations by the close of 2019. While there are several significant benefits to doing so, we cannot overlook the accompanying security risks.

What is the Internet of Things? This is a system of connected devices that can transfer data over a network even without human-to-human or human-to-computer interactions. From smart medical gadgets to watches, security cameras, thermostats, digital assistants, etc., almost every appliance can now be connected to the internet. The IoT tracks user habits and preferences. It then synthesizes and analyzes this data to help you and your consumers automate tasks and streamline your online environments’ customization. However, these devices also pose a significant cybersecurity threat — especially if you don’t add them in a well-thought-out way.

Watch our YouTube Video to learn more on Healthcare & The Internet Of Things:

Why Is IoT Security Important?

According to Forbes, there was a 300% surge in IoT devices attacks in 2019 alone. Data from Kaspersky Labs paints an even more disturbing reality — more than 105 million attacks on IoT gadgets just within the first six months of 2019. While these breaches are spread across several industries, Healthcare is one of the most affected sectors. HIPAA Journal reports that 82% of Healthcare Organizations have directly experienced attacks on their smart devices.

Typically, bad cyber actors will use the less-protected IoT devices as backdoors to your network. They then capture credentials traveling through your systems. A common trick is gaining control of your CCTV cameras and using them to observe as your users key in their login credentials. Once they have these logins, they can take over the control of all the utilities connected to your network, phish your clients’ PII, or launch attacks on the rest of your system.

For the Healthcare industry, this means putting your patients’ lives at risk. Fabian Wosar, Emsisoft CTO, thinks that, “the fact that there were no ransomware-related deaths in 2019 is simply due to luck.”

We are not expecting cyber attackers to tone it down anytime soon. Moving forward, they can only be more aggressive and lethal. Therefore, the responsibility is on the IT and cybersecurity stakeholders working in the Healthcare sector to advance their security measures.

What Are Best Practices For IoT Security? The first thing to note is that you should NOT use consumer IoT gadgets in a business environment. Consumer-grade cameras, thermostats, smart TVs, etc., have less fringent security features and protocols than their commercial-grade counterparts.

Here are the top three best practices for IoT security:

  • Have a Reliable Password Management System: Do not rely on the default administrator login and password provided by the device vendor. Such generic passcodes are often weak and easy to penetrate. Instead, implement responsive password complexity and expiration protocols for all your IoT devices. We recommend changing the passwords every 90 days, or a minimum of twice a year.
  • Invest in Network Monitoring Solutions that give you full visibility into your IoT devices and their traffic. Also, do not allow employees to use personal IoT devices on your corporate network, particularly over the WiFi. You can instead create a segregated network if you must supply them with internet access.
  • Update and Patch Your IoT Devices out of the box and on an ongoing basis. Usually, firmware developers include extra security features in their latest patches to secure against recently discovered vulnerabilities. Therefore, having the most recent software ensures that your IoT gadgets have the most advanced security features.

Why Should Healthcare Organizations Be Extra Careful With The IoT?

The Internet of Things has a lot to offer to Healthcare, but only if you implement it properly. Otherwise, it’s not only financial and reputational damages at stake — lives are also hanging in the balance. An attack on IoT devices within medical facilities could mean dysfunctional life support machines, prescription mix-ups, and many other repercussions that threaten the wellbeing of your patients.

While individual steps from users can go a long way in enhancing security for IoT devices, it’s more effective to approach the effort from top-down — by working with a managed IoT provider.

Nexus IT Consultants can help you leverage IoT for your Salt Lake business without compromising security.

Get In Touch With Us!