A guest post by Erich Krueger, former CISO.
As a former CISO, I have felt what it’s like to be inundated by information on products and services that claim to be the next best thing. I know how difficult it is to cut through all the noise and hype to find the cybersecurity technologies that will actually make a difference.
When I was looking at new solutions, I had three buckets I would put them in – the first was “good,” the second “not there yet,” and the third was truly “game changing.” The good were technologies that checked the security boxes I needed and warranted an evaluation to see how they may fit into our strategy. The solutions that were not quite ready required more development or thought to make them effective tools; I could see potential in them, but they weren’t production quality or they didn’t address a significant enough problem to justify purchasing.
The game changing solutions were the ones that met my high bar – they were the technologies that would eliminate a real significant problem we were having and/or radically alter the way we operated. They were the ones that helped us be more secure, as well as more productive. They didn’t come around very often.
This is why, when I learned about Medigate, I got excited. Let me explain how it met my game changing bar:
Solving a significant problem – very few healthcare providers actually know what devices are connecting to their networks, nevermind where they are all located, and what they are all doing (e.g. which devices they are communicating with). This makes it nearly impossible to create an effective security strategy – you can’t protect what you don’t know about. It also makes capital planning, ongoing management and maintenance unnecessarily difficult.
Medigate gives providers complete visibility into all the medical and Internet of Things (IoT) devices in their environment. With a real-time detailed device inventory, which includes make, model, OS, embedded software, protocols, and even device location and utilization information, providers no longer have to guess at what is going on in their network. Now, they know and can use that information to improve their security and operations.
Radically altering the way business is done – with Medigate, providers have the insights they need to determine how best to secure, procure, manage, patch and maintain their assets. Knowing what a device is, where it is located, and how it is communicating allows providers to set policies and segment devices where appropriate to reduce the risk posture of the organization.
For example, an imaging workstation should only be communicating with other imaging devices (e.g. MRI, x-Ray, CT Scan, etc.) – all other communications, particularly those across the Internet present a risk and should be blocked.
In addition, understanding what a device is being used for and how often enables providers to uncover potential opportunities to maximize the utility and efficiency of their operations. For example, they can schedule maintenance to optimize the life and performance of their devices, while decreasing any disruptions to care. They can also reallocate underutilized devices or change scheduling practices to service more patients.
Improving security – Medigate continuously monitors the network, identifying devices and uncovering anomalous device communications and behaviors that could be indicative of an attack. With pre-defined, clinical-based policy enforcement and microsegmentation implementations, providers can minimize attack impacts and strengthen their overall security stance.
Improving productivity – Medigate digitizes device inventory and management, ensuring healthcare providers always have a comprehensive, accurate inventory of all the medical and IoT devices in their environment. This eliminates the need to do manual inventories and greatly simplifies the ongoing procurement, patching and maintenance of devices.
For all these reasons and more, the Medigate Device Security and Asset Management platform is a game changer. To see a demo of the platform in action, please visit https://www.medigate.io.