Zero-Trust Security for Medical Devices

Jonathan Langer

Jonathan Langer

Jan 9


HIMSS 2018

Last year was our first time attending HIMSS. We shared with the market the first cybersecurity solution which protects medical devices that have been a weak point on clinical networks for years. Many hospitals had hoped that the IoT security solutions on the market were going to protect their medical devices, but previous solutions and competitors were built to cover the IoT industry at large. This means that they did not consider the special circumstances surrounding healthcare and medical devices. So, while it was great for hospitals to see up to 97% of all of their connected devices, 3% of their inventory was left un-accounted for. That 3% largely consisted of their vulnerable medical devices.


Our solution is focused solely on connected medical devices; This way, we can identify 100% of them. Also, because we fingerprint them leveraging DPI, we can not only catalog the traditional characteristics of IoT solutions, we can decipher the specific the device should follow. What that means for hospitals is if a device is behaving in a way that is out of scope from the manufacturer’s protocol, we know it, and we can show it. That enables us to catch on to a breach of the medical device before it starts sending messages across the network. Why does that matter? Recent research conducted by the Ponemon Institute confirmed that the average time for a hospital to identify a breach is 55 days… 55 days! A lot can happen on a network in 55 days and to the devices connected to patients. Equally alarming, the same research showed it takes an average of 1,037 days to contain the breach. Of course, the better option is to prevent it from happening.medigate-zero-trust-blog


Taking advantage of Medigate’s knowledge of clinical domain applications and the unparalleled traffic control ability of Palo Alto Networks, the integrated solution can automatically create detailed Zero-Trust policies based on network communications.

It begins with enhanced visibility of all medical devices on the network. Then our platform matches each device’s IP with tags based on its type, vendor and model. The platform then transfers the tag-to-IP matching to the firewall through Palo Alto Networks application programming interface, or API. Accurate tagging and classification enable the creation of rule-based, clinically driven security policies that only allow approved traffic. Additionally, Medigate’s platform detects both network and security anomalies, generating alerts for version control, vulnerabilities, security issues, changes and much more.

This tagging mechanism opens a whole new domain of security policy management capabilities for healthcare providers. Previously, firewall rules had to rely on network zones, IP addresses and ranges. Tagging devices based on functionality and vendor adds new levels of granularity, enabling far more specific policies. Furthermore, the Medical Device Security Platform monitors changes in- devices’ network properties, such as IP addresses and software versions, and incorporates them continuously into update tags. 

HIMSS 2019 

This year, Medigate and Palo Alto Networks will be sharing two booths at HIMSS to make it easier for you to learn about our zero-trust solution. You can find us in the Cybersecurity Forum and Innovation Live Forum. We’re excited to share this revolution in medical device security with you.

To learn more about how Zero-Trust is helping hospitals secure their networks today, attend one of these presentations:

Zero-Trust Security for Medical Devices

12:45-1:05pm | Cybersecurity Forum, Theater 2

Speaker: Vik Arora, CISO, Hospital for Special Surgery

Never Trust; Always Verify Medical Device Security

Tuesday, Feb. 12 | 4:15pm – 4:35pm | Innovation Forum Theater

Speaker: John Williams, IT Lead, UT Southwestern

See you at HIMSS!