IoT Use Cases in Healthcare at Baptist Health.
Baptist Health comprises nine hospitals, 23,000 employees (along with over 2,000 independent physicians), operates more than 400 points of care, and has nearly 2,500 licensed beds in its full-spectrum health system. The organization’s employed provider network, Baptist Health Medical Group, has close to 1,500 providers. This includes more than 750 physicians and over 740 advanced practice clinicians.
Baptist Health is working to strengthen its cybersecurity posture and Zero Trust platform by adding more layers of defense. And equipping itself with the relevant tools to protect against the next generation of attacks.
Baptist Health’s IoT Challenges
Baptist Health operates and relies on an extensive system of medical devices, IoTs, and traditional IT equipment… Properly managing all of these is essential to ensure the effectiveness of cybersecurity efforts and achieve optimal healthcare IoT Security.
An asset inventory is, therefore, critical. However, an accurate asset inventory is difficult to achieve. A lack of Layer 1 visibility means that “understanding what’s in our facilities at any given time is a big challenge,” says Michael Erickson, CISO of Baptist Health (Preventing ‘Rogue Device’ Attacks: A Case Study). This is a significant risk as the new generation of attack tools is “getting more sophisticated and smaller.”
Using IoT in healthcare can be challenging. These malicious tools hide within other assets – be it medical devices, IoTs, peripherals. And they exploit the Physical Layer blind spot by spoofing legitimate devices. “If you have an attack tool that’s designed to actually look like, or simulate or impersonate something that’s relatively benign, and it’s in your environment and it’s not doing anything, it’s pretty difficult to know that it’s there”, says Michael.
These challenges highlight the importance of effectively managing IoT use cases in healthcare, as they are an integral part of the healthcare technology landscape and can be vulnerable points for cyberattacks.
Ensuring Device Integrity and Security with Sepio
Security solutions cannot differentiate between a legitimate HID, a MAC spoofing device or any other rogue device (Bad USB). Thus, allowing the latter to bypass security controls and initiate harmful attacks. With countless devices in use at Baptist Health, ranging from critical medical devices to everyday peripherals, there is cause for concern regarding their integrity. “When you think about the delivery of a piece of equipment, are we able to be sure that the equipment that was delivered is actually what was designed by the manufacturer?”
Read our case study to learn how Sepio provides 100% hardware device visibility for IoT use cases in healthcare.Download Case Study