COVID-19 has hit the United States and many other countries hard. One critical need is ventilators. According to a report by The Society of Critical Care Medicine, the United States has approximately 200,000 ventilators of any kind and only 62,000 full-featured ventilators – which typically means they are network-connected and monitored. A report from Health and Human Services estimates 865,000 patients in the US would be hospitalized during a moderate pandemic, and up to 9.9 million could be hospitalized with a major pandemic such as the 1918 influenza pandemic.
The good news with the COVID-19 pandemic is that companies such as Dyson, Ford, GM, and 3M have pivoted their manufacturing capabilities to produce thousands of new ventilators to meet this demand. Most of these will be “smart ventilators” that can track patient usage, and a large number will be network-connected for real-time patient monitoring.
As a flood of ventilators hit hospital networks, biomedical staff should be wondering “how are we going to identify, protect, maintain and update these systems?”
Face it, Excel spreadsheets don’t scale very well. Not to mention they become outdated almost as quickly as they are developed. Even a dedicated biomedical device tracking database can quickly become outdated as engineers become too busy to update the database as they deploy equipment. With the expected crush of COVID-19 patients, the process of updating the database of medical devices will get pushed to the side to save patient’s lives.
Hospital IT staff, along with biomedical engineers, must wonder how they will secure and monitor these devices from malware and ransomware attacks. Hundreds of ventilators per day could be flooding your hospital, attached to the hospital WiFi network or plugged into network jacks in makeshift hospital rooms.
Even after the current pandemic, managing this mad rush of ventilators will be a challenge. Keeping them updated with the latest software from the manufacturer will be a challenge, and critical to protecting the device from malware.
A better way to inventory ventilators and other medical devices is via automation. Using software from companies such as Medigate, you can automatically find and catalog all the new ventilators plugged into your network. Information such as operating system, medical bill of materials, patch version, MAC and IP address, and many other parameters can be captured and utilized in managing the devices.
Once ventilators are found and identified, the information about these devices can be sent to security automation tools such as Cisco ISE and Fortinet FortiManager. Here, security policy automation can be used to set up access control lists for each device, restricting inbound and outbound traffic to appropriate hospital information systems, patch management tools, and network monitoring tools.
Once the security is in place to protect these ventilators, your security team needs to monitor the devices for compliance reporting, malware attacks, east-west attacks, theft, and other potential security issues. Tools like Medigate and Fortigate can send logs, alerts, and alarms to tools such as Splunk, where you can aggregate the information, drill down to find context and details, and look for trends that may show hacking attempts or performance problems. Your security team can watch for anomlies and investigate problems to ensure the devices are protected and just as importantly, that they are not infected and acting as hosts to attack other higher-value targets on your network.
If you are struggling with managing this flood of new medical devices hitting your network, give me a shout. I can help you map out a plan to inventory, secure, and monitor these devices in a safe, secure, organized fashion.
Leave a Reply