GHP Q4 2019

18 GHP / Q4 2019 , Why a Smart Hospital Needs to Look After its Network The Internet of Things (IoT) has the potential to transformall areas of the economy. But few industries stand to benefit more in a connected world than healthcare. Gamal Emara, Country Manager - UAE at Aruba, tells us more. Consider how a hospital currently op- erates – running on a network of machines that are constant- ly monitoring, measuring and analysing, dealing with hundreds of people walking in and out of its doors on a daily basis, and on high alert around the clock. This is the ideal environment for smart, connected devices with greater autonomous, predic- tive and analytical capability. Turning a siloed device-driven environment into a connected one has the potential to enhance existing operations considerably: improving speed, efficiency and reliability, and ultimately enabling better patient care and experienc- es. It is little wonder then that US hospitals are already estimated to have as many as 10 to 15 IoT devices per bed, according to research by Zingbox. Unfortunately, the security con- siderations of all this connectivity are significant, with implications for both patient data and care. Reports have shown that up to 89% of healthcare organisa- tions that have adopted an IoT strategy have experienced an IoT-related data breach, while patient records are some of the most sought-after by hackers (fetching up to $250 on the black market according to Trustwave). So what more can hospitals do to anticipate the risks of future con- nectivity? And how can they set up their networks to fight back? Anticipating and overcoming IoT risks For any network manager re- sponding to these questions, the starting point is recognising the vulnerabilities that are inherent in large networks of connected devices. With every component offering a potential point of failure or entry to a would-be attacker, the more devices a hospital brings in, the greater the risk of a significant data breach. But it is not just patient data that could be at risk in a worst-case scenario – far more worrying are the implications for patient care. A device that has autonomy to measure and deliver drug doses, for example, could suffer from a software glitch, or be taken over by a malicious attacker. Meanwhile during an episode of unexpected downtime, a device that isn’t critical to life – such as an MRI scanner – could gain preferential access to one that is, like a heart monitor. These may be extreme scenar- ios, but they are something for which every hospital and health- care provider must prepare. And guarding against them means addressing a key source of IoT vulnerability: network visibility. Secure, visible, and under control Protecting a network which houses IoT devices at scale is a challeng- ing task at the best of times, but it can only be achieved if everything – down to the last sensor – is individually logged, secured and monitored. Without a system that allows everything to be “finger- printed” in this way and then man- aged accordingly, vulnerabilities emerge that can be exploited. As the volume and sophistica- tion of IoT devices in hospitals increases, this is only becoming more of a mammoth task for network managers. Traditional approaches for profiling aren’t suitable for many IoT devices, rendering them indistinguishable and generic. And yet the ability to discriminate between devices is absolutely vital. Consider how you would react to an issue with an automated insulin delivery system versus one with the smart sensors in the hospital carpark. Critical-care devices that need to run continuously can’t be treated the same way as those which can be disconnected if needed. Luckily, there is a solve for this lack of visibility – and that comes in the form of an increasing array of AI and machine learning solutions, like Aruba’s ClearPass Device, that are being created to ensure every device connected to the network can be monitored with the appropriate depth. Running on a purpose-built cloud platform, ClearPass deploys a range of machine learning models to differentiate between devices with similar IT attributes, and build highly detailed, behav- ioural-based profiles for any that are connected to the network. Putting the spotlight on net- work security When the future of healthcare is discussed, the spotlight is under- standably focussed on clinicians, patients and devices. But as smart hospitals become a reality, attention will increasingly shift to the less visible role of the network security manager. This brings with it great respon- sibility, but also the opportunity to play a vital role in the ongoing revolution of today’s health- care system. In the age of IoT continued progress will rely as much on effective security as it does on hardware innovations and digitally enabled caregiving. Doctors will only be able to look after the patients if network man- agers use the right tools to care for the hospital. So, isn’t it about time you run a proper diagnosis of your network security?