Network Access for Medical Devices

Share Post

Whenever I talk to Aruba Healthcare customers I always ask if they know their Director of BioMedical Engineering.  Not just do they know who holds that position in the hospital, but if they know them; their name, where they sit, what kind and how many pets they have.  This is important because BioMed is responsible for far more devices, or things, on the network than any other group in the hospital.  One customer, a large Healthcare system, told me they have around 30,000 clinician devices connected to their network – laptops, tablets, smartphones, etc. – devices actually held and carried by doctors, nurses, and staff.  That number is dwarfed by the number of medical devices, or things, that are connected to the network: 85,000 at last count.  The same ratio has been confirmed by several customers – there are typically 2-3 times more medical devices on a hospital network than computers or other traditional network clients.

medical devices blog.png

There are several challenges brought on by this fact.  First, these devices are things and don't have a concept of "username" when it comes to logging on the network.  Medical devices need to turn on and connect, most times they don't even have a keyboard or efficient input device if they could enter a real-time password.  Clearly, any form of pre-shared key is less secure.

Second, there are thousands of types and manufacturers of medical devices and they don't have the same network capability.  Some might support certificates and 802.1x, some might support WPA-2, and still others only support WEP.  Some may support Ethernet, some may support Wi-Fi, and some actually support both.  There is a wide variety of chipsets and connection hardware that needs to be supported.

medical device 2 blog.pngFinally, these devices and their connections to the network are becoming more and more critical to care and treatment workflows.  Smart infusion pumps consult server based drug libraries to ensure inappropriate drugs are not inadvertently given to a patient. Heart rate monitors connect to systems so the appropriate people are notified if there is an event, regardless of their location. Wi-Fi enabled X-ray machines can go to the patient which is helpful when mobility is compromised.

It is critical to keep these devices connected to the network, but connect them securely and conform to HIPAA data privacy requirements. Regardless of the network capacities of the device, they have to be on the network, the data secure, and the device itself protected against attacks.  Aruba ClearPass Profiler allows each device to be recognized for what it is – and put each device in the appropriate security profile.  Poorly behaving, or even compromised, medical devices can then be quarantined from a network perspective so the impact to the patient's, and the networks, health is minimal.

To see how Aruba can help start with Aruba's Healthcare solution page. If you are on the IT staff of a hospital or other healthcare facility, ask yourself if you would recognize someone from the BioMed team if they walked by you in the hall.  You should know them, and working together you can create a more functional and secure network for that will improve patient outcomes.

Rick Reid is a senior product and solutions marketing manager for healthcare at Aruba, a Hewlett Packard Enterprise company. 

Images source: Google Images