Securing Healthcare IoT to Protect Patients and Care

Bear Valley Community Hospital provides a wide range of healthcare services to year-round residents and seasonal visitors of Big Bear Lake, California. Unlike many other rural and regional hospitals, Bear Valley provided both on-premises and telehealth medical care long before the COVID-19 pandemic. The staff at BVCH seeks to deliver the highest quality care as efficiently and effectively as possible.

At a multifaceted facility like Bear Valley, locating and protecting various types of devices and data is critical to ensure a seamless and safe environment for patients and care providers. The hospital’s security team was confident they had secured their various endpoints and security perimeter, but they still needed to strengthen their visibility into the many network-connected devices that were left open to risk.

The Bear Valley security team knew they had a problem when it came to the Internet of Medical Things (IoMT) and other Internet of Things (IoT) devices going undetected on their network. They didn’t have a standard onboarding process for devices, and when individuals left the organization, information about these devices would often be lost. Jon Booth, IT director for Bear Valley Community Healthcare District, also knew that if they didn’t identify, locate, and secure each of these devices, he and his team were essentially leaving their entire network open to attackers.

It would take only one unmanaged or unmaintained device to instigate a data breach or potentially disastrous network disruption. This, in turn, could dramatically raise operational and staff costs, damage the hospital’s standing in the tight-knit community, and—worst of all—erode patients’ trust in the facility and its care providers.

It was time to think outside the security box.

Booth and his security team were confident that their security infrastructure was technically sound. Like so many healthcare institutions, they needed to discover all devices running in the network, where the devices were, which other devices they were communicating with, and any other details. They were looking for:

• Holistic, real-time visibility into all types of devices in the network
• A standardized, reliable system for activating and removing devices that multiple teams could easily adopt
• Assurance that emerging threats would be quickly and automatically remediated

After a seamless proof of concept (POC) and a rapid deployment of the solution, Booth and his team began seeing security management benefits right away.

Palo Alto Networks IoT Security, with an interface that was intuitive and intelligent, helped the team identify devices they thought existed but hadn’t been able to identify or locate before. Previously, unless IoT, IoMT, or IT devices selfreported or self-identified, the team had no way of knowing key details about them, such as the manufacturer or which other devices they were communicating with. “We found between 10 and 15 percent more network-connected devices than we expected,” Booth says. “It was a very eye-opening experience.”

With a suddenly clear picture of security across the entire hospital, for the first time, Booth and the security team had far more answers than questions. What’s more, Bear Valley’s IT and facilities teams were finally in sync, using the same information from one comprehensive security dashboard.

In addition to identifying each device and revealing its location on the hospital network, Palo Alto Networks IoT Security gives Bear Valley decisive and automatic protection against emerging security risks. Through machine learning and three-tier profiling techniques that create a baseline of acceptable behaviors and map the unique “personality” of each device, the technology knows the kind of device (e.g., a boiler control), whether it’s online or not, the days and times it’s typically in use, who uses it, and many other details unique to each device’s purpose and usage. IoT Security even identifies if a device has active antivirus protection. When a device acts abnormally or communicates outside the network through unauthorized means, IoT Security reports issues to users immediately.

Leveraging this powerful technology helped Bear Valley discover that some recently deployed medical storage devices were communicating in an insecure way and, in another case, that a device was running unrecognized Eastern European antivirus software. Additionally, the IT team now uses IoT Security to validate their device inventory data on a regular basis.

One of the clearest examples of how Palo Alto Networks IoT Security benefits Bear Valley’s operations is a simple yet powerful metric: sleep. With the always-on, always-learning IoT Security technology continuously monitoring the network for potential vulnerabilities, Booth says he and his IT team sleep more soundly at night. “[IoT Security] is unforgiving,” he says. “If something’s messing around, it’s going to catch it.”

In a world where the threat environment changes on a moment-to-moment basis, it’s crucial to have technology that never sleeps—so IT teams can.

To find out more about how Palo Alto Networks IoT Security can help you improve visibility, protect your medical and IoT devices, and strengthen your overall security posture, click here. You can also start a free trial and see the benefits of IoT Security in your own environment.