itb-nz logo
Story image

Healthcare environments difficult to secure - Forescout

22 May 2019

Device visibility and control company Forescout Technologies, has announced insights from 75 healthcare deployments with more than 10,000 virtual local area networks (VLANs) and 1.5 million devices contained within the Forescout Device Cloud, with a specific focus on 1,500 medical virtual local area networks (VLANs) with more than 430,000 devices.

Launched in July 2017, the Forescout Device Cloud is one of the world’s largest crowdsourced device repositories and now contains more than eight million devices from more than 1,000 customers who share anonymised device insights. 

“The Forescout Device Cloud provides us with data from millions of devices around the world, and what we are releasing is just the tip of the iceberg,” says Forescout OT and industrial technology innovation head Elisa Costante.

“Our findings reveal that healthcare organisations have some of the most diverse and complex IT environments, which are compounded due to compliance risks.

“Every time a patch is applied, there is concern around voiding a warranty or impacting patient safety. These organisations are dealing with lifesaving devices and extremely sensitive environments.” 

The convergence of IT, Internet of Things (IoT) and operational technology (OT) makes it more difficult for the healthcare industry to manage a wide array of hard-to-control network security risks. IoT and OT devices are rapidly increasing in numbers, but traditional IT still represents the most vulnerable attack surface.

Forescout uses the Device Cloud data to analyse more than 150 attributes per device to bring increased device intelligence and improved auto-classification to its customers.

Forescout will leverage the data and intelligence gathered from the Device Cloud to generate future insights on the characterisation and risk posture of connected devices across industries. 

Forescout Device Cloud report key findings include: 

Healthcare OT increases attack surface 

Forescout researchers found that the most common devices on medical networks are still traditional computing devices (53%) followed by IoT devices (39%), including Voice over Internet Protocol (VoIP) phones, network printers, tablets and smart TVs.

OT systems, including medical devices, critical care systems, building automation systems, facilities, utilities and physical security, comprise eight% of the devices on medical networks. 

Within the OT device category, the three most common connected medical devices found were patient tracking and identification systems (38%), infusion pumps (32%) and patient monitors (12%). Considering the growing number of vulnerabilities in OT environments, we can see an increase in the attack surface in healthcare environments. 

Healthcare organisations riddled with devices running legacy Windows operating systems 

The Forescout Device Cloud Report highlights that 71% of Windows devices within these healthcare deployments are running Windows 7, Windows 2008 or Windows Mobile, with Microsoft support planned to expire on January 14, 2020.

Running unsupported operating systems poses a risk that may expose vulnerabilities and has the potential to impact regulatory compliance. 

Diversity of operating systems and vendor sprawl creates headaches 

The diversity of device vendors and operating systems present on medical networks adds to the complexity and increases security challenges.

Forescout’s research found that 40% of healthcare deployments had more than 20 different operating systems.

When looking at the different types of operating systems found on medical VLANs, 59% were Windows operating systems and 41% were a mix of other variants, including mobile, embedded firmware and network infrastructure and many more. 

In addition, more than 30% of healthcare deployments had 100 or more device vendors on their network.

Patching in healthcare environments, especially acute care facilities, can be challenging and require devices to remain online and available.

Some healthcare devices cannot be patched, may require vendor approval or need manual implementation by remote maintenance personnel. 

Vulnerable protocols are leaving a door open 

Eighty-five percent of devices on medical networks running Windows OS had Server Block Messaging (SMB) protocol turned on, allowing uncontrolled access for attackers to get beyond the perimeter and move laterally.

Device manufacturers sometimes leave network ports open by default—often unbeknownst to IT and security staff. 

Story image
IDC announces digital transformation award winners for A/NZ
The awards recognise the achievements of organisations that have successfully digitised one or multiple areas of their business through the application of digital and disruptive technologies.More
Story image
Gartner reveals the top strategic tech trends for 2021
“CIOs are striving to adapt to changing conditions to compose the future business - this requires the organisational plasticity to form and reform dynamically. Gartner’s top strategic technology trends for 2021 enable that plasticity.”More
Story image
IDC: Digital infrastructure will be the catalyst for success post-pandemic
If organisations properly apply the key digital infrastructure tenets - technology adoption and IT governance - then revenue growth and business expansion will soon follow, according to the research.More
Story image
BayCom partners with NICE inContact to offer cloud contact centre platform in NZ
“With our extensive experience in the industry, BayCom has the ability to design, implement and support CXone nationwide, providing organisations with an industry-leading Contact Centre as a Service (CCaaS) solution to deliver on their customer experience strategies.”  More
Link image
Cloud telephony 101: The business case to replace on-prem phone systems
A growing number of organisations are using Microsoft Teams for cloud telephony, fully replacing legacy on-premises phone systems. Here are the benefits.More
Link image
Save the date: 28 October is the day your CX will be supercharged
Learn from the experts at Zendesk and ESG to find out how you can supercharge your customer experience approach in this exclusive online event! Register now.More