As part of Innovation Health’s ongoing Webinar Series, the topic of “Healthy Hospital Infrastructure” was explored this past week. Arista, Forescout and Medigate co-presented, so the discussion centered-on secure, high performing clinical-networks. The partners presented a complement of capabilities, including Arista’s software-driven networking innovations, as well as, detailed benefits of Medigate and Forescout’s recent integration.
Opening with an acknowledgement that healthcare is providing the cybercriminal with the most lucrative bounty and most vulnerable attack surface across industry, Arista described how high-performing, ultra-low latency cloud networks are powering modern data centers that consume less power, require a much smaller footprint and can be managed at far less cost. As emphasized by Andy Brown, a senior healthcare engineer with Arista, “when the infrastructure can be operated and maintained on a common, purpose-built operating system like Arista’s EOS, management skill-sets naturally coordinate and productivity skyrockets in accordance with dramatic gains in automation and agility.”
The Medigate/Forescout storyline began with Medigate’s explanation of what it means by “fully profiling” a health system’s connected landscape, as its definition now includes a base-line security policy for every connected asset. Medigate discussed its continuous research into authorized device workflows and its development of an engine that now automates policy creation. As the data combination is unprecedented, it led to Forescout describing why Medigate is such a natural and powerful integration partner.
Forescout explained how its Network Access Control (NAC) capabilities consume the policies provided by Medigate to inform Forescout-directed enforcement. In direct support of client network segmentation initiatives, whose deployment cycles have been “dramatically shortened” as a result of the integration, Forescout also discussed how the data are enabling increasingly refined, dynamic segmentation efforts. Lyle Kelly, a Forescout senior solutions engineer, stated “that while the capture of a device’s Make and Model, MAC and IP address was considered breakthrough capability just a year ago, it doesn’t approach the level of data enrichment now available and required to enable this kind of capability.”
In the same context, Medigate’s continuous firmware and configuration-level monitoring processes were also explained, along with how it passively captures device status, network security posture, location and utilization metrics. Added Scott Barrett, another Forescout senior solutions engineer: “That Medigate now combines its device profiling data with its knowledge of authorized workflows and has compiled this intelligence as security policies that Forescout can directly ingest, is nothing short of a game-changer for our industry.”
The webinar ended with a case study describing the success of a Top 5 US health system that has already operationalized the Arista/Forescout/Medigate solution. “As described in the case study, by incorporating security enhancements into established workflows, meaning, by making security practice relevant across what I think we all realize are converging disciplines, hospital resource constraints are not only addressed, but ROI-rich operational improvements can be achieved,” said Mark Farrow, a 35-year tenured health system CIO who served as the webinar’s moderator.
Although the group conceded that investment in a healthy hospital infrastructure can be rationalized solely based on the costs of a successful cyber-attack, the regulatory pressures driven by patient-safety concerns were also highlighted. In conclusion, Mark Farrow added: “These investments can be justified based on interoperability improvements that are entirely consistent with the business cases driving healthcare’s overarching digital transformation –investments that must deliver ROI and ultimately, benefit patients.”