Case Study

Academic medical center secures 45,000+ IoT devices


Palo Alto Networks IoT Security gives University of Iowa Health Care Medical Center holistic risk visibility and operational benefits


In brief

Customer

University of Iowa Health Care

Products and Services

General medical and surgical hospitals

Industry

University of Iowa Health Care

Organization Size

1,001–5,000

Country

United States of America


Challenges

UI Health Care wanted to eliminate cumbersome manual device identification, assess system-wide security risk, comply with federal regulation, and optimize operational maintenance of thousands of medical devices.

Requirements

  • Comprehensive inventory of all device types, locations, and behaviors
  • Real-time, holistic assessment of network risk, with alerts and guidance for threat response
  • Visibility into potential bioengineering operational efficiencies and cost savings

Solution

Palo Alto Networks IoT Security protecting 45,000+ devices

Because Palo Alto Networks helps us understand the security of everything in our environment, it’s our insurance policy against risk.

Shari Lewison, Chief Information Security Officer, University of Iowa Health Care

Patient safety and privacy present new cyberattack targets

Increasingly, healthcare leaders view cybersecurity as not only an issue of patient privacy but also of patient safety. Cyberattacks are becoming more sophisticated, moving beyond data theft toward the disruption of care itself.


CHALLENGE

Manual operations and system-wide risk demand compliance

  • Identify all devices in the environment without relying on highly manual inventory processes
  • Assess system-wide risk at any point in time and comply with federal regulations
  • Optimize operation and maintenance of thousands of medical devices

To classify devices, UI Health Care’s security team segmented them by their network location and pulled data on their activity regularly, but such manual monitoring and logging was time-intensive. UI Health Care is also implementing Cisco’s Identity Services Engine (ISE) technology, where each device is given a unique “fingerprint.” A device whose fingerprint isn’t recognized by the system is prohibited from accessing the network. However, the process of fingerprinting each device took hours and still did not provide visibility into each device’s baseline behavior. UI Health Care lacked insight into when a device was acting outside of the norm and leaving the system vulnerable to attacks.


Just as we would ensure medications are not expired or tampered with, we are obligated to have a sufficient understanding of the technology we use and ensure our software is not expired or tampered with.

Maia Hightower, Chief Medical Information Officer, University of Iowa Health Care

Requirements

Comprehensive availability with unprecedented visibility

Ensuring the operational availability of UI Health Care’s more than 45,000 devices is a top priority for its security team. However, while UI Health Care’s security managers had confidence that they were securing IT devices, they lacked holistic visibility into all the network’s IoT devices. UI Health Care needed:

  • Comprehensive inventory of all device types, locations, and behaviors for augmenting Cisco ISE network segmentation of unmanaged IoT devices
  • Real-time, holistic assessment of network risk, with alerts and guidance for threat response
  • Visibility into potential bioengineering operational efficiencies and cost savings

Furthermore, the outbreak of the WannaCry and NotPetya cyberattacks raised newfound concerns for UI Health Care. Although their facilities weren’t impacted, UI Health Care security managers were concerned that their manual processes could prevent them from protecting the network from similar attacks.


SOLUTION

Establishing baseline and operational efficiency lead to decisive action

Because Palo Alto Networks IoT Security distinguishes the unique personality of each device, this solution proved to be exactly the fingerprinting capability that UI Health Care needed. Through machine learning and three-tier profiling techniques, IoT Security establishes a baseline for typical behavior and alerts users to any device acting outside of its normal activity. Users can then quickly locate and quarantine any device violating policy or otherwise acting suspiciously.

Before UI Health Care had even purchased the solution, Palo Alto Networks demonstrated the value of IoT Security during the Proof-of-Concept (POC). It took only a few hours for Palo Alto Networks to set up the platform and deliver real-time data that UI Health Care used right away.

IoT Security soon alerted UI Health Care that two ultrasounds were attempting to communicate with an international IP address, something no device in the network was authorized to do. After UI Health Care alerted GE, the device’s manufacturer, to this activity, GE realized that there was a vulnerability caused by a recent upgrade. Given that this was the same attack vector used to perpetrate WannaCry and NotPetya, GE took action rapidly to diminish global risk.


BENEFITS

Real-time inventory and unprecedented visibility

With IoT Security, UI Health Care now had a real-time inventory of all devices running on the network at any given time, as well as details about each device’s status, behavior, and classification.

“From a security perspective, we always want to know what’s out there,” says UI Health Care’s Chief Information Security Officer Shari Lewison. “With Palo Alto Networks, there’s very low management required on our side because the information is so intuitively presented, and there’s no training necessary.”

This unprecedented visibility enhanced UI Health Care’s ability to demonstrate risk readiness, a key requirement of the federal government’s annual HIPAA Risk Assessment. It also enabled the medical center to reach a new tier of risk understanding that’s unusual in the healthcare space. Aside from reducing the chances of a costly breach, demonstrating this kind of risk awareness to regulatory agencies helps UI Health Care avoid fines, leading to additional cost savings.

“Because Palo Alto Networks helps us understand the security of everything in our environment, it’s our insurance policy against risk,” says Lewison.


Holistic support—comprehensive care

UI Health Care meets regularly with Palo Alto Networks to discuss IoT Security insights and provide input, which Palo Alto Networks integrates into the platform within a couple of weeks.

“Vendors always say they’ll implement feedback, but we found that to actually be the case with Palo Alto Networks,” says Lewison.

In addition to securing the health system against threats, IoT Security also helps optimize biomedical operations. Engineers can quickly see whether a device is being used disproportionately compared with other devices and whether usage can be rotated to increase the life of all devices. When a device gets recalled, engineers can use IoT Security to quickly locate and replace devices throughout the entire health system.


CONCLUSION

Optimized devices with strong security change medicine

By providing a holistic, real-time solution, Palo Alto Networks enables UI Health Care to protect and optimize devices across its entire community. Such a strong security and operational foundation is critical for UI Health Care as it fulfills its promise to change medicine and change lives.
