IoT DEVICE SECURITY SOLUTION DESIGNED FOR HEALTHCARE
The Tracelay Next-Gen clinical SOC platform automatically discovers and fingerprints the clinical network and manages the security posture of all devices. The platform fuses knowledge of medical workflows, device behavior and protocols with networking and cyber security expertise. Its healthcare-dedicated IoT and IoMT device security platform provides comprehensive IoT and IoMT visibility, which is used to devise clinically-driven policies and feed them into the Cisco Identity Services Engine (ISE) for seamless enforcement. The platform provides complete visibility into all connected IoT and IoMT devices, which enables the creation of granular device profiles. It also maps all internal and external communication of connected devices and detects suspicious activity that can trigger access restriction via ISE. The platform's researchers leverage the gathered network intelligence to devise dACL or SGACL policies tailored to the hospital’s network, which are automatically fed into network devices.
We use Deep Packet Inspection (DPI) to identify all infusion pumps from passively-collected network traffic, relying on a deep understanding of their communication protocols and workflows to extract their technical attributes. Unlike manual CMMS data entry, the network-based approach is automatic, always up-to-date and highly reliable. Our unique clinically-focused DPI was found superior in comprehensiveness, granularity and precision compared to probabilistic approaches, such as AI/ML-driven ones. Using the same clinically-based DPI method, the platform extracts the infusion pumps’ utilization data, such as online/offline times, and presents tailored reports that deliver optimization insights. Data from wired and wireless IT management systems such as AirWave and Cisco Prime, NACs, and network-based DPI are combined to quickly and efficiently locate each infusion pump within the premises.
The IoMT Platform creates a unified, online view of infusion pumps’ operating systems, hardware and app versions, combined with a feed of available firmware and software updates, relevant vulnerabilities, and recall announcements. With this data, the team can control the security and ensure the functionality of all devices, in addition to meeting compliance requirements.
Clinical networks, like any other mission-critical networks, require high security standards. Network Access Control (NAC) products are a central part of a comprehensive security solution, ensuring authorized access to network resources by users and devices. However, in clinical environments, NACs cannot fully function without clinical context. They lack the clinical expertise required to fully identify all connected IoT and IoMT devices and leverage that visibility to enforce clinically-driven policies. Furthermore, while NACs enable preventative actions such as limiting a device’s network access, they require clear triggers as to when and why they should take such action. These triggers require detailed device profiling and behavior analytics that NACs alone cannot offer in a clinical environment. Finally, devising efficient authorization and segmentation policies in clinical networks through NACs requires an intimate understanding of devices’ manufacturer-intended workflows, their communication patterns, and their functionality in the clinical setting. That understanding has to span numerous device manufacturers and models employing proprietary protocols with little to no documentation. Without such understanding, administrators cannot create granular policies that restrict anything but the devices’ as-intended behavior and protect the clinical network.