Medical Device Security with IT Platforms and Technologies: Paper
Medical devices, such as infusion pumps, patient monitors, and MRI scanners, can be just as susceptible to malware as standard computers. Keeping them secure in any networked environment is certainly challenging, and the stakes are particularly high for these particular applications since they can affect patient care and outcomes.
Proving this point, McAfee and a medical equipment manufacturer recently raised awareness of security holes with potentially life or death consequences; they identified a networked insulin pump with a security flaw, which allows the device to be hacked and subsequently administer a potentially lethal amount of insulin to diabetes patients. Although not typically the target of cyber attacks, medical equipment can become “collateral damage” in a malware outbreak, or even be the weak link that opens the door to a cyber attack.
As the complexity of the network increases, securing devices becomes more complex for both the manufacturers and hospital IT organizations. However, this complexity is reduced significantly when medical devices are designed for security using models similar to typical networked clients. This synergy enables hospital IT personnel to apply consistent security strategies across the network, making it easier to administer and monitor equipment. Moreover, as new technologies and methods roll out to thwart attacks, they could be implemented in a similar fashion across the network.
Read the full Medical Device Security with IT Platforms and Technologies White Paper.