The healthcare industry faces unique and complex challenges when it comes to cybersecurity. With the increasing use of connected devices, remote work, and BYOD policies, healthcare organisations need to urgently secure their endpoints from cyberattacks that could compromise patient data and safety.

This is the word from Martin Potgieter, technical director at Nclose, who warns: “Criminals looking to steal sensitive data and potentially sell them on the dark web are constantly on the prowl for weaknesses in hospital systems.”

One of the main challenges that healthcare organisations face is securing their medical devices. Medical devices are not only used to collect and transmit patient data but also to regulate and administer patient treatment.

For example, a medical device could monitor a patient’s vital signs or deliver a dose of medication. These devices are often not treated like normal PCs that are used by staff or administrators. They have special software and hardware that may not be compatible with standard endpoint security solutions.

Moreover, they may not be updated or patched regularly due to regulatory or operational constraints. This makes them vulnerable to cyberattacks that could tamper with their functionality or data integrity, says Potgieter.

“Medical devices are very much like operational technology devices similar to what they use in manufacturing, except medical devices are probably a little more sensitive,” he says. “These devices not only feed information into another system but also potentially get information from the system to regulate a patient’s treatment.”

To secure medical devices, healthcare organisations need to consider other controls besides installing endpoint security software. One possible solution is network segregation, which means placing medical devices on their own network, separate from the one used by normal devices. This can prevent unauthorised access and reduce the attack surface.

“Another possible solution is using specialised software and solutions that are designed for the medical industry. However, these solutions are not widely adopted in South Africa or in the rest of the world,” Potgieter adds.

Another challenge that healthcare organisations face is managing the devices that doctors bring into the hospital network. Doctors often have their own equipment, such as laptops or tablets, that they use to access patient records or other information. Yet, they may not want to install any endpoint security software or follow any security policies imposed by the hospital. They may also have insufficient security controls on their devices or lose them accidentally. This creates a risk of data leakage or malware infection.

“The nature in which hospitals work is that there is the hospital group and then there is a doctor that has a practice in the hospital, and they have their own equipment, but they need to connect to the hospital network and the doctors are relatively protective or controlling – like ‘you are not going to put anything on my device, this is my device,’” he says.

To address this challenge, healthcare organisations need to implement a BYOD policy that defines the rules and responsibilities for using personal devices in the hospital network. They also need to educate doctors and staff on the importance of endpoint security and the potential consequences of not following best practices. Furthermore, they need to monitor and enforce compliance with the policy using endpoint security tools that can detect and remediate threats.

Endpoint security is also an ongoing process that requires constant vigilance and care. To maintain a high level of endpoint security hygiene, healthcare organisations need to regularly update their software, scan their devices for vulnerabilities, and conduct risk assessments to identify and address any gaps or weaknesses.

“These steps can help them prevent or mitigate cyberattacks and protect sensitive patient information,” Potgieter concludes.