Here are a few they suggest:

• Accurate discovery and inventory – simple and organized protocols for identifying, locating and assessing the use of pumps, including mobile and rental equipment. This ensures accurate inventory that can be shared with asset management or computerized maintenance management system (CMMS) solutions, and helps with procurement planning and eliminates costly underutilization of rental equipment. A location feature is also handy for preventive maintenance and manually fixing an issue.


• Holistic risk assessment to proactively identify flaws and compliance gaps – systems collect insights from AI-based deep-risk assessments, including threat indicators (i.e., abnormal device connections); monitor CVEs and consider recalls, MDS2 data, EPHI information and vendor patching; and have a risk assessment strategy in place, including for integrating third-party vulnerability management systems.


• Apply risk reduction policies – real-time risk monitoring, reporting and alerting can proactively reduce IoMT risk. This can include consistent profiling of device activity to form zero trust policy recommendations for trusted access and segmenting infusion pumps from other IoT devices to reduce attack radius (i.e., devices should have own isolated VLANS)


• Prevent threats – Built-in prevention capabilities block known targeted IoT malware, spyware and exploits. This prevents the use of DNS for C2, stops access to bad URLs and malicious websites that leads to loss of sensitive patient data, and allows for swift responses to threats.

“To successfully implement secure clinical and device workflow management that is scalable, yet practical to maintain and enforce, the methodology should also alleviate the escalating operational burdens of securing and managing medical devices for both network security and clinical support teams," said Unit 42.

Back to HCB News

Health IT Homepage