Palo Alto Networks Enables Comprehensive IoT Security for Healthcare Delivery Organizations

Jan 28, 2021
5 minutes

With the Omdia IoT Devices Intelligence Service estimating 500 million plus healthcare devices being introduced globally by 2025, the utilization of the Internet of Medical Things (IoMT) in the healthcare market is certainly at a point of inflection.

It's a well known fact that like IoT devices, IoMT for healthcare delivery organizations (HDO) pose huge security risks. Often shipped with vulnerabilities, IoMT devices commonly run on legacy operating systems, are difficult to patch, and lack necessary encryption in communication. Moreover, existing IoT and IoMT security solutions lack any inbuilt prevention or enforcement, employ outdated signature-based discovery methods for visibility, and have slow complex deployments that rely on integrations to provide any form of security. 

As the cybersecurity industry leader on a continuous journey of innovation, Palo Alto Networks is excited to expand the existing IoT Security product with new features that are bespoke to the healthcare industry. Building upon the great foundation set by Zingbox, these new capabilities make Palo Alto Networks IoT Security the healthcare industry’s most comprehensive IoT security solution delivering ML-powered visibility, prevention, enforcement, and operational insights—in a single platform.


Availability and Core Capabilities

Available to healthcare and pharmaceutical organizations, Palo Alto Networks IoT Security offers deep visibility into medical devices, enhanced risk assessment, and focused insights to maximize ROI and improve patient experience.

Let’s take a closer look at its core capabilities and why 19% of US hospitals trust IoT Security to secure all medical devices:

  1. Overcoming the limitations of signature-based solutions in new device discovery, our IoT security accurately identifies and profiles all seen and never-seen-before IoMT and IT devices in the HDO network by combining Palo Alto Networks App-ID™ technology with a patented three-tier machine learning (ML) model that forms the basis of device profiles. Using cloud-delivered ML, means that once a never-seen-before device at one customer is identified, every other customer immediately benefits from the knowledge, allowing the product to grow and get more intelligent with every new customer.

  3. With built-in prevention, instead of an alert-only approach, our cloud-delivered security services are seamlessly integrated with IoT Security to keep medical devices safe with inline protection. Stopping known and unknown file-based threats (WildFire), vulnerabilities (Threat Prevention), and malicious web activity (URL Filtering and DNS Security), saves network and security teams countless hours in alert triage and manual response.

  5. Automated risk assessment and trust-based policy recommendations are also derived from device profiles. Risk is prioritized by continuously evaluating key behavioral patterns with common vulnerabilities and exposures (CVEs), Unit 42 threat intelligence, behavioral anomalies of similar crowdsourced devices revealing a risk score, and for HDOs this also includes, Manufacturer Disclosure Statement for Medical Device Security (MDS2) information like antivirus capabilities, ePHI, FDA recalls, and vendor patching information.
    Insights are then converted into flexible trust-based policies that allow or restrict device behavior, all that’s required is a quick policy review before enforcing control. Any changes to the policy are automatically updated, saving network operations countless hours per device in gathering and analyzing the data required to create policies manually.

  7. Operational insights from IoT Security help biomedical and clinical teams improve patient experience and clinical operations by tracking and reporting IoMT device usage and resource allocation to glean actionable business intelligence. This alleviates the pain of capital planning and resource allocation helping HDOs organize and optimize expensive resources.

  9. Playbook driven third-party integrations seamlessly become part of your existing IT and security workflows, strengthening your current IT Service Management (ITSM), Network Access Control (NAC), Security Information and Event Management (SIEM) and other use cases. Pre-built customizable playbooks orchestrate actions without the need for programming from scratch so your security team can improve operational inefficiencies, enrich asset inventories, accurately onboard IoMT devices, enforce device controls and automate incident responses from day one.


Why IoT Security Stands Out

Palo Alto Networks IoT Security is easy to deploy and operationalize, requiring no additional investment in infrastructure.

Delivered to our existing customer base as a new cloud-delivered security service, simply activate IoT Security on any form factor of your existing Next-Generation Firewall. Leave the worry of deploying and managing another single purpose sensor behind. Activate quickly in 5 minutes from license delivery and enjoy 18X faster initial and ongoing policy creation with our automatically recommended trust-based policies. 

For potential customers, we eliminate the need to purchase, integrate, and maintain multiple point products or change your operational processes to get full IoMT security. Our Next-Generation Firewall can simply be used as a sensor for our IoT Security service, providing you the flexibility to implement best-in-class prevention and enforcement within a single platform, or integrating into existing processes and technologies. Accurately discover 90% of devices in 48 hours, and have the ability to opt-out purchasing, managing, and maintaining yet another single-purpose sensor.

Here’s what one of our customers is saying:
“IoT Security by Palo Alto Networks was a simple, cloud-delivered add-on to our network infrastructure. The native enforcement using the NGFW meant we could deploy quickly and get a higher return on existing investments and resources.” said Miroslav Belote, Chief Information Security Officer, Valley Health System. “With Palo Alto Networks’ IoT Security, we gained complete visibility to over 4,000 IoT and medical devices, about 30% more devices than what we had prior, and now plan to extend our inventory, vulnerability detection, prevention process and practices as an integral part of our ongoing efforts in protecting our IT and IoT assets.”

Take charge of securing your IoMT assets with our machine-learning based, signature-less approach. With full control and deep visibility into all your connected medical devices, natively secure them at scale. Register to watch our upcoming webcast “Protect Every Medical Device in Your Network”.

Subscribe to Network Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.