Keeping medical IoT devices secure is possible with best practices including keeping devices patched and isolated, implementing tools and processes to detect and mitigate threats, checking IoT device firmware and patch levels during routine maintenance, and tightening system and service access controls, reports Forbes.
Unlike home environments, the security risks associated with IoT devices in medical applications can have life-or-death consequences. Meanwhile, security vulnerabilities in medical devices are well documented. Last year, one U.S. Food and Drug Administration advisory revealed that 11 vulnerabilities were found in IPnet, “a third-party software component that supports network communications between computers.”
Medical devices, specifically ones that are directly involved with monitoring patients or actively keeping them alive, have an additional challenge. If a vendor botches a patch, lives are at stake. Because of the consequences of failure, medical devices have very strict change management and patch validation routines. They have to be thoroughly tested because failure is not an option. Unfortunately, all these factors combine to make medical IoT devices especially vulnerable to attack and equally difficult to maintain and defend.
Read more in Forbes.