Subscribe
Search
HomeNews & TopicsTechnology and InnovationDevices are a reality of the circle of care, so how do...

Devices are a reality of the circle of care, so how do we ensure they’re protected?

Technology and Innovation

Published on

Kristie Jones

*Sponsored content

By Ron Rotman

Devices are a reality in the continuity of care, from the consumerization of traditional medical devices, to the addition of webcams and video conferencing kits to support the delivery of virtual care.

However, these devices are quickly becoming security weak points for healthcare organizations. It’s nothing new that any device connected to a network is a risk, however, the recent explosion of devices in healthcare settings are making these organizations prime targets for ransomware activity — in fact, 40 per cent of manufacturers say hackers managed to gain access to their device.

More and more, it’s not just the financial toll of these attacks organizations are worried about, but the additional strain on clinical and administrative staff as ransomware-related outages disrupt workflows and put patients at risk.

As the proliferation of devices continues, there are more and more ways for attackers to get in. Here’s what healthcare organizations need to know about the changing security environment, and how they can rethink their approach to security.

Security challenges and increasing complexity in healthcare

In a typical patient room, there are anywhere from 15-20 devices connected at any one time. This includes everything from infusion pumps, ventilators and pulse oximeters, to a visitor’s mobile phone connecting to the guest Wi-Fi. When it comes to MIoT devices specifically, they are often designed with purpose — not security — in mind, making them difficult to patch and manage against vulnerabilities.

Add to this the huge volume of healthcare data now being transferred every day: telemedicine video; connected medical devices; EMR information traveling from a clinical facility to the cloud; smart facility applications, such as light bulbs and wayfinding; and patients, clinicians, and administrators driving the need for Wi-Fi everywhere.

This complexity is continuing to accelerate with mobile, security, IoT and Cloud, and so to are the number of security vendors on the market. The average enterprise has between 50 to 100 different security vendors in their environments. However, organizations are not getting any more secure, no matter how much money they spend on this technology.

Organizations need to go beyond security technologies and tools, and rethink their philosophy when it comes to their security approach. Enter: clinical zero trust.

 

Clinical zero trust

In a traditional zero-trust environment, no person, device or resource is considered secure. It’s assumed a network has been breached, and uses a series of verifications to grant access to a specific user, at a specific time, to use a specific resource or functionality. Zero trust is also built around three key principles: visibility, segmentation and containment.

Clinical zero trust (CZT) builds on these cornerstones, while also addressing healthcare’s multi-faceted needs, including patient privacy, connected – and unconnected – medical and IOT devices, and virtual care.

But implementing CZT is no small undertaking. Healthcare systems are reliant on legacy systems that may not provide this type of authentication – not to mention the plethora of medical devices that are either outdated, unconnected or unaccounted for in any given facility.

Getting started with CZT

CZT isn’t a one-size fits all solution, and successfully implementing a strategy requires collaboration between the organization’s business, clinical and security stakeholders.

With that said, the planning and roll out of a CZT strategy can be broken down into five phases:

  • Identify everything operating in the clinical setting
  • Map the use of entities to understand how they are involved in care and business protocols
  • Engineer the environment to protect the integrity and flow of each protocol
  • Monitor the environment to understand the impact of the policies you plan to enforce
  • Automate the implementation wherever possible to maximize the benefits of a CZT stance

It can be a daunting task doing this on your own, which is why Cisco has partnered with Medigate to go beyond network visibility and provide actionable security insights for healthcare organizations. Combining Cisco’s comprehensive, end-to-end healthcare security portfolio with Medigate’s platform, organizations can gain greater insight into devices on the network, benefit from network analysis to detect threats, and implement clinically driven, rule-based policy enforcement mechanisms.

To learn more about how Cisco and Medigate can protect your organization, read more here.

Ron Rotman is a healthcare account manager at Cisco Canada.

 

Latest articles

Health Care Policy

Canada must act quickly to turn U.S. ‘brain drain’ into Canadian ‘brain gain’: CMA

By Dr. Joss Reimer Canada must act quickly to attract the American medical and scientific...
Technology and Innovation

Advancing health through innovation

On March 11, 2020, the world changed. The World Health Organization declared COVID-19 a pandemic,...
Education and Professional Development

College of Physicians and Surgeons of Ontario welcomes Physician Assistants as registrants

Physician Assistants (PAs) are highly skilled professionals who provide a range of medical services...
Research

Hospital visits for cannabis use linked to higher dementia risk, study finds

Individuals with an emergency department (ED) visit or hospitalization due to cannabis were at...

More like this

Technology and Innovation

Advancing health through innovation

On March 11, 2020, the world changed. The World Health Organization declared COVID-19 a pandemic,...
Technology and Innovation

Creating tiny biomedical factories from common bacteria

Engineered bacteria secrete powerful nanoparticles to aid in drug delivery, vaccines and treating medical...
Neurology

A new app can greatly improve ventriculostomy safety and accuracy

Access to potentially life-saving neurosurgical care remains very uneven worldwide, with potentially life-threatening consequences....
Technology and Innovation

Accelerating drug development with AI

Waterloo researchers use machine learning to predict how new drugs could affect the body.  Developing...
Infection Control

Using AI to improve hand hygiene and patient safety

The Ottawa Hospital (TOH) is the first in Canada to implement the Artificially Intelligent...
Technology and Innovation

Centralized booking and registration making hospital appointments easier

Scarborough Health Network (SHN) is delivering a superior experience for patients accessing healthcare services,...
Load more

Hospital News is Canada’s health care news source since 1987. Hospital News covers developments and issues that affect all health care professionals, administrators, patients, visitors and students. Hospital News is published monthly and is made available in distribution racks placed in high traffic areas in hospitals and related institutions across the country. It is also available by subscription.

SUBSCRIBE

To get the latest updates and editions from Hospital News

Subscribe

© 2025 Vertical Media. All rights reserved. All other trademarks are the property of their respective owners.