As healthcare providers use digital devices such as diagnostic and monitoring systems, ambulance equipment, and surgical robots to improve patient care, the safety of these devices is as important as their primary function. Palo Alto Networks (NASDAQ: PANW) today announced Medical IoT Security – the most comprehensive Zero Trust security solution for medical devices – enabling healthcare organizations to quickly and securely deploy and manage emerging connected technologies. Zero Trust is a strategic approach to cybersecurity that protects an organization by eliminating implicit trust by continuously auditing every user and device.
“The proliferation of connected medical devices in the healthcare industry brings a wealth of benefits, but these devices are often not well secured. For example, an alarming 75% of the smart infusion pumps on the networks of hospitals and healthcare companies have been studied, according to Unit 42. Companies had known security vulnerabilities,” said Anand Oswal, senior vice president of products, network security at Palo Alto Networks. “This makes security devices an attractive option Target for cyber attackers who may leak patient data and ultimately put patients at risk.”
While a Zero Trust approach is critical to protecting medical devices from today’s innovative cyber threats, it can prove difficult in practice. Through automated device discovery, contextual segmentation, least privilege policy recommendations, and one-click policy enforcement, Palo Alto Networks Medical IoT Security delivers a zero-trust approach in a seamless, simplified manner. Medical IoT Security also offers best-in-class threat protection through seamless integration with security services provided by Palo Alto Networks, such as Advanced Threat Prevention and Advanced URL Filtering.
Palo Alto Networks’ new Medical IoT Security uses machine learning (ML) to enable healthcare organizations to:
Create device rules with automated security responses: Easily create rules that monitor devices for behavioral anomalies and automatically trigger appropriate responses. For example, if a medical device that normally sends only small amounts of data unexpectedly uses a lot of bandwidth, the device can be disconnected from the internet and security teams alerted.
Automate Zero Trust policy recommendations and enforcement: Enforce recommended least privilege access policies for medical devices with one click using Palo Alto Networks next-generation firewalls or supported network enforcement technologies. This eliminates error-prone and time-consuming manual policy creation and scales easily across a range of devices with the same profile.
Understand device vulnerabilities and risk exposure: Access each medical device’s Software Bill of Materials (SBOM) and map them to Common Vulnerability Exposures (CVEs). This mapping helps identify the software libraries used on medical devices and any associated vulnerabilities. Get instant insight into each device’s risk posture, including end-of-life status, recall notification, default password warning, and unauthorized external website communications.
Improve compliance: Easily understand medical device vulnerabilities, patch status, and security settings, then get recommendations to bring devices into compliance with rules and policies, such as: B. the Health Insurance Portability Accountability Act (HIPAA), the General Data Protection Regulation (GDPR) and similar laws and regulations.
Check network segmentation: Visualize the entire map of connected devices and ensure that each device is placed in its assigned network segment. Proper network segmentation can ensure that a device only communicates with authorized systems.
Simplify operations: Two distinct dashboards enable IT and biomedical engineering teams to each view information critical to their role. Integration with existing health information management systems such as AIMS and Epic Systems helps automate workflows.
Healthcare organizations use Palo Alto Networks products to secure the devices that provide world-class care to millions of patients around the world.
“Establishing and maintaining acute situational awareness of the Internet of Medical Things (IoMT) environment is of paramount importance to the Ein