The combination of new technologies and increased connectivity has the power to enhance almost every aspect of our lives. That’s even true of the healthcare sector, particularly during the current pandemic, with telehealth advances facilitating care that might not otherwise be provided in a safe and timely manner. But it is also important to understand the downside: increased connectivity expands the attack surface of the technology environment.
We all talk about being more connected, but that’s usually in reference to the devices we use and the services we consume. However, there’s also the infrastructure these services traverse to reach our devices. Network capabilities undoubtedly transformed the way and speed at which computers were adopted, providing the ability to communicate between multiple systems over distances of varying degrees and allowing us to utilize all these services for just about any purpose -- something that’s now taken for granted. Imagine the challenges of an Electronic Health Record (EHR) accessible from only one workstation, or multiple installations across hundreds of machines all with different information because the data cannot be easily replicated between them. Luckily, we don’t have to imagine either scenario, thanks to networks.
Access to clinical applications and medical information in a digital healthcare environment is vital. From a clinical perspective, the need for system availability often trumps integrity or confidentiality. Of course, this doesn’t mean that integrity and confidentiality are not as important. All three of these concepts need to be carefully and proportionally considered to ensure data and systems are protected against unintended or malicious activities.
There are often headlines about breaches caused by unsecured database systems, misconfigured cloud storage or unprotected servers that allow access to patient data and medical imaging files. Similarly, vulnerabilities in medical devices and IoT are being reported more frequently as the focus on the healthcare industry rises. Attention grabbing headlines aside, it stands to reason that securing infrastructure and applications is essential. We must not forget about the devices that facilitate, segregate and protect the network.
Network devices sometimes get neglected after initial set up and installation, especially if working as expected. It is not uncommon to find switches and routers with a long-running uptime, but this means the device has not been updated or patched during that time and might be missing important security fixes. Additionally, many devices’ default configurations are not secure—they can have vulnerable services enabled and overly permissive or unnecessary ports open.
Considering the amount and types of data traversing network devices, even one compromise may allow an attacker to view, alter or deny network traffic. This will have a significant impact on clinical risk and administrative workflows, ultimately affecting patient safety.
Minimizing the attack surface presented by a device is a key aspect of safeguarding any network.
Restricting physical access and hardening devices will reduce the risk of compromise. Configuring settings securely that will prevent unauthorized access – physically and remotely - to the device, disabling the use of vulnerable protocols that are frequently targeted by attackers and utilizing robust password polices that incorporate multifactor authentication should all be considered.
There are many free resources to help harden different assets; for example, the Center for Internet Security offers security benchmark guidance for a large number of platforms.
Device configuration backups should be routinely conducted and stored offline. In the event of accidental or intentional misconfiguration or device failure, a known and recent working configuration can be restored quickly.
System and network outages both have severe consequences, which is why network devices should be managed in the same way as other infrastructure assets such as servers and workstations. Although patching and updating requires downtime, it is one of the most important tasks to undertake when securing any software or software-based device. Network redundancy helps prevent downtime, which is especially important for critical systems. However, where redundancy is not possible, scheduled downtime for maintenance and updates should be factored into support protocols for network devices. Controlled downtime isn’t 100% risk free, but it’s certainly preferable to outages caused by insufficient maintenance or, worse, avoidable cyberattacks.
Implementing policies that manage the lifecycle of devices is also important. This will help prevent end-of-life or unsupported devices and software remaining on the network. Unsupported devices will not be updated with fixes for vulnerabilities discovered after the support date has passed, leaving them open for exploitation.
The compromise of any device can have a serious impact on patient safety. This could be directly through exploitation of vulnerabilities in connected medical devices or, more likely, indirectly from delays in care as a consequence of systems or services becoming unavailable.
Pragmatic security can be complex, but it is integral to patient safety. Ensuring all assets in your environment are configured securely, patched, segregated appropriately, monitored and backed up will help keep patients safe. The processes can be complex and time-consuming, but they are worth the effort.