Increasingly, healthcare leaders view cybersecurity as not only an issue of patient privacy but also of patient safety. Cyberattacks are becoming more sophisticated, moving beyond data theft toward the disruption of care itself.
To classify devices, UI Health Care’s security team segmented them by their network location and pulled data on their activity regularly, but such manual monitoring and logging was time intensive. UI Health Care is also implementing Cisco’s Identity Services Engine (ISE) technology, where each device is given a unique “fingerprint.” A device whose fingerprint isn’t recognized by the system is prohibited from accessing the network. However, the process of fingerprinting each device took hours and still did not provide visibility into each device’s baseline behavior. UI Health Care lacked insight into when a device was acting outside of the norm and leaving the system vulnerable to attacks.
Ensuring the operational availability of UI Health Care’s more than 45,000 devices is a top priority for its security team. However, while UI Health Care’s security managers had confidence that they were securing IT devices, they lacked holistic visibility into all the network’s IoT devices. UI Health Care needed:
Furthermore, the outbreak of the WannaCry and NotPetya cyberattacks raised newfound concerns for UI Health Care. Although their facilities weren’t impacted, UI Health Care security managers were concerned that their manual processes could prevent them from protecting the network from similar attacks.
Because Palo Alto Networks IoT Security distinguishes the unique personality of each device, this solution proved to be exactly the fingerprinting capability that UI Health Care needed. Through machine learning and three-tier profiling techniques, IoT Security establishes a baseline for typical behavior and alerts users to any device acting outside of its normal activity. Users can then quickly locate and quarantine any device violating policy or otherwise acting suspiciously.
Before UI Health Care had even purchased the solution, Palo Alto Networks demonstrated the value of IoT Security during the Proof-of-Concept (POC). It took only a few hours for Palo Alto Networks to set up the platform and deliver real-time data that UI Health Care used right away.
IoT Security soon alerted UI Health Care that two ultrasounds were attempting to communicate with an international IP address—behavior that no device in the network was authorized to do. After UI Health Care alerted GE—the device’s manufacturer—to this activity, GE realized that there was a vulnerability caused by a recent upgrade. Given that this was the same attack vector used to perpetrate WannaCry and NotPetya, GE took action rapidly to diminish global risk.
With IoT Security, UI Health Care now had a real-time inventory of all devices running on the network at any given time, as well as details about each device’s status, behavior, and classification.
“From a security perspective, we always want to know what’s out there,” says UI Health Care’s Chief Information Security Officer Shari Lewison. “With Palo Alto Networks, there’s very low management required on our side because the information is so intuitively presented, and there’s no training necessary.”
This unprecedented visibility enhanced UI Health Care’s ability to demonstrate risk readiness, a key requirement of the federal government’s annual HIPAA Risk Assessment. It also enabled the medical center to reach a new tier of risk understanding that’s unusual in the healthcare space. Aside from reducing the chances of a costly breach, demonstrating this kind of risk awareness to regulatory agencies helps UI Health Care avoid fines, leading to additional cost savings.
“Because Palo Alto Networks helps us understand the security of everything in our environment, it’s our insurance policy against risk,” says Lewison.
UI Health Care meets regularly with Palo Alto Networks to discuss IoT Security insights and provide input, which Palo Alto Networks integrates into the platform within a couple weeks.
“Vendors always say they’ll implement feedback, but we found that to actually be the case with Palo Alto Networks,” says Lewison.
In addition to securing the health system against threats, IoT Security also helps optimize biomedical operations. Engineers can quickly see whether a device is being used disproportionately compared with other devices and whether usage can be rotated to increase the life of all devices. When a device gets recalled, engineers can use IoT Security to quickly locate and replace devices throughout the entire health system.
By providing a holistic, real-time solution, Palo Alto Networks enables UI Health Care to protect and optimize devices across its entire community. Such a strong security and operational foundation is critical for UI Health Care as it fulfills its promise to change medicine and change lives.
Visit us online to find out more about how IoT Security can help you improve visibility, protect your medical and IoT devices, and strengthen your overall security posture.
You can also start a free trial and see the benefits of IoT Security in your own environment.