A steady stream of new network-based devices has made its way into healthcare environments to provide the most effective patient care efficiently. Telemetry monitors, purpose-built smart devices, infusion pumps, and EKG machines are just a few Operational Technology (OT) devices relying on the IT network infrastructure.
With healthcare adopting Internet of Things (IoT) practices to improve patient care, additional strain and pressure fall on the various supporting teams. This extra pressure comes in two forms: 1) more work as the volume of devices increases, and 2) new requirements that force changes to system architectures and to methods for support and operations.
The OT side of healthcare consists of a vast array of medical devices and the specialists that operate and maintain them. Once autonomous and self-contained, these devices are now part of a larger eco-system that feeds Electronic Medical Records (EMR) systems.
In addition to ensuring each device works reliably when performing its healthcare function, the Biomed team is also responsible for connecting the device to the network.
The IT side of healthcare provides network, storage, and server infrastructure for administrative and OT users and functions. The rapid growth of IoT devices has placed enormous strain on the network, and requirements for reliability, performance, and quality are only increasing.
The lack of security features on medical devices means the network has to take up the slack by segmenting medical device traffic from all other traffic.
Securing this system and proving that requirements for privacy and regulatory compliance are met has become a monumental task for the security team. New vulnerabilities, new attack vectors, new equipment, and new communications requirements translate to an ever-changing threat landscape.
According to a 2018 IoT customer survey conducted by Bain & Company, security concerns and difficulty integrating IT with OT are the top two barriers to adopting additional IoT technology. Only through diligent cooperation between IT, OT, and security teams will these barriers be overcome.
IoT Operational Lifecycle
Lifecycle approaches to managing IT systems and their constituent parts have traditionally yielded the best results. Managing IoT systems in the same manner produces similarly successful outcomes. There are five stages to the IoT lifecycle.
- Inventory: What is running on my network, and where is it?
- Performance: Can my critical IoT devices connect and perform their function well?
- Baseline: What does ‘normal’ behavior look like for these devices?
- Mitigation: Alert me when devices deviate from normal behavior; take action to mitigate the issue.
- Prevention: Ensure proper policies are in place for IoT devices to mitigate future issues.
SD-WAN and ENI for Healthcare
IoT devices in a single healthcare system can number into the thousands. The sheer volume of data needed to manage this vast array of devices means that it should not be collected or analyzed manually. This is where VMware SD-WAN and Edge Network Intelligence (ENI) shine. Their combination of Artificial Intelligence (AI) and Machine Learning (ML) guides healthcare organizations through the IoT operational lifecycle.
New devices are identified and onboarded using the AI/ML engine. Detailed device information such as model, software version, serial number, hostname, and location is gathered and visible inside the dashboard. Integration with inventory management systems or Configuration Management Databases (CMDB) allows SD-WAN and ENI to fit into existing IT processes.
Distributed performance data is consolidated to provide real-time information on client status. Granular visibility for each device includes network and application-level performance statistics, including Wi-Fi, network services, WAN conditions, and application response times.
By analyzing data across the environment, the baseline of normal behavior is learned. In addition to performance baselines, communication baselines are also profiled for each device and device type. The system learns each appliance’s ‘personality’ by observing communication patterns – destinations, protocols, SSID, VLAN, etc. Suspicious activity, such as talking to a new destination, is flagged and easily identified in the dashboard.
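The communication baseline described above can be illustrated with a small added example; it is not VMware's code and uses simple set membership rather than ML. The device names, flow records, and the `flow`, `learn_baseline`, and `find_deviations` helpers are hypothetical, constructed for this illustration.

```python
# Fields the passage lists as part of a device's communication profile.
PROFILE_FIELDS = ("dst", "proto", "ssid", "vlan")

def flow(device, dst, proto, ssid, vlan):
    """Build one flow record (hypothetical record shape for this example)."""
    return {"device": device, "dst": dst, "proto": proto, "ssid": ssid, "vlan": vlan}

# Constructed sample records, not real telemetry. Addresses come from the
# documentation ranges 192.0.2.0/24 and 198.51.100.0/24.
LEARNING = [
    flow("pump-01", "192.0.2.10", "tcp/443", "MED-IOT", 110),
    flow("pump-01", "192.0.2.11", "udp/123", "MED-IOT", 110),
    flow("ekg-02", "192.0.2.20", "tcp/2575", "MED-IOT", 120),
]
OBSERVED = [
    flow("pump-01", "192.0.2.10", "tcp/443", "MED-IOT", 110),     # matches baseline
    flow("pump-01", "198.51.100.77", "tcp/443", "MED-IOT", 110),  # new destination
    flow("ekg-02", "192.0.2.20", "tcp/2575", "GUEST", 20),        # wrong SSID and VLAN
    flow("cam-09", "192.0.2.10", "tcp/443", "MED-IOT", 110),      # never profiled
]

def learn_baseline(flows):
    """Record every value seen per device for each profile field."""
    baseline = {}
    for rec in flows:
        profile = baseline.setdefault(rec["device"], {f: set() for f in PROFILE_FIELDS})
        for field in PROFILE_FIELDS:
            profile[field].add(rec[field])
    return baseline

def find_deviations(baseline, flows):
    """Return (device, field, value) for each value outside the learned profile."""
    alerts = []
    for rec in flows:
        profile = baseline.get(rec["device"])
        if profile is None:
            # A device with no learned profile is itself a finding.
            alerts.append((rec["device"], "device", "not in baseline"))
            continue
        for field in PROFILE_FIELDS:
            if rec[field] not in profile[field]:
                alerts.append((rec["device"], field, rec[field]))
    return alerts

if __name__ == "__main__":
    for alert in find_deviations(learn_baseline(LEARNING), OBSERVED):
        print(alert)
```

Treating an unprofiled device as its own alert ties the baseline stage back to the inventory stage: a device that was never onboarded has no profile to compare against.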
Baselines also add quantitative data to system changes. Rather than guessing or relying on anecdotal user information, the VMware solution provides change verification in the form of before and after performance comparisons.
If a deviation from normal behavior is detected, it must be acted upon quickly. Integrations with Security Information & Event Management (SIEM) systems allow VMware’s system to align with existing cybersecurity workflows, be they manual or automated.
Integrations with IT service desk applications, such as ServiceNow, ensure the efficient communication of alerts and information to IT staff.
Because most IoT devices are lightweight, single purpose, and lack security features, it is best to implement some form of network segmentation to prevent direct communication between devices that should never speak to each other. This segmentation can be as broad as separating IT from OT or as granular as separating each OT device from every other OT device – micro-segmentation. Integrating with existing Network Access Control (NAC) systems, VMware SD-WAN extends the segmentation between the edge and the datacenter.
Healthcare practitioners have many tools at their disposal to improve the quality of care for their patients. These tools are network-enabled and growing in number, forcing IT, Biomed, and security teams to adapt their support practices.
Each team needs data to perform its duties effectively in support of the new devices. The extra data means that blind spots can be eliminated if the data is interpreted correctly and acted upon quickly. AI/ML-enabled tools such as VMware SD-WAN and ENI replace error-prone, time-consuming, and inefficient manual processes with more accurate, responsive, and powerful ones.
Only by working together to combine increased security with enhanced performance will IT, Biomed, and security create the operational assurance needed to realize the goal of providing the most effective patient care most efficiently.