Can your heartbeat be hacked?
It’s human nature to want to ensure the safety and security of our loved ones, financials, and health. From more complicated tasks such as selecting the safest car seat for a child to simple safety routines like looking both ways before crossing the street, security in every sense is always top of mind for individuals.
The same goes for businesses, which not only have to secure intangible assets such as business-critical information, but are also focused on protecting physical assets like products and employees. As the shift toward a more mobile workforce continues, the influx of connected devices -- or the Internet of Things (IoT) -- is making it more difficult for businesses to protect and secure their assets. This is especially true for the healthcare industry, where the hype around the IoT overshadows the focus on implementing security protocols for connected devices.
Predicted to be a $117 billion industry by 2020, healthcare IoT is poised for tremendous market growth. Such growth reinforces the need for businesses to put advanced security measures in place to protect patient information being gathered in a medical facility or in the field. The influx of hacks and breaches on healthcare information (such as with Anthem Healthcare and Premera) only drives home the importance of protecting your healthcare business against security attacks.
Greater security starts with protecting from all angles
To effectively protect patients’ healthcare information, the first step for building an IoT security strategy is securing all of the connected devices in your mobile ecosystem. Already a hot topic, device security can mean instating measures from two-factor authentication and unique passwords, to locking capabilities such as fingerprint recognition all on one device to keep hackers out and sensitive information protected. These measures are the first line of defense, and can be achieved at a higher efficiency if the devices are corporate liable (provided by the business) versus bring-your-own-device, due to the lower level of mobile device management policies that can be put in place by the business.
The next, and arguably most important, step in safeguarding IoT devices is securing the network that they are connected to. From utilizing private Access Point Names (APNs) for IoT deployments or leveraging infrastructure that is connected to underlying service providers (such as AT&T or Verizon), there are defense protocols to meet when rolling out an IoT deployment across a network. Should the networks the devices are connected to have any "holes", they create an entry point for hackers to access the information stored on the device -- no matter how physically secure the device may be. Pertinent patient information, such as health records, are maintained on these devices and updated in the field as healthcare workers track vital signs, medications and more.
Moving forward, it will be a standard part of doing business to understand the ever-evolving security measures needed to keep the healthcare industry and its consumer information secure in the IoT. Predicted by Gartner to be at the peak of the inflated hype cycle, it’s clear that the Internet of Things is not just a subtle trend that will eventually fall off the map. In the healthcare industry, we’ve only just begun to see how the IoT will change the day-to-day for both doctors and patients alike.
The IoT provides many opportunities for businesses to operate more efficiently and at a lower budget, but this is only true if they have the proper security protocols in place. To ensure healthcare organizations achieve the most out of their IoT implementations, they need to secure both the devices and networks to which they are connected.
Max Silber is Vice President of Mobility at MetTel. He is responsible for the mobile division’s operations and business development initiatives. With 20 years of experience, he has served in a variety of product, sales, and business development positions with some of the world’s most innovative technology and telecommunications companies. Prior to joining MetTel, he served as senior vice president of business development for IDT Corporation, where he led the company’s managed services and mobility business unit. Prior to joining IDT, Mr. Silber was vice president of business development at Net2Phone Inc., and held similar management positions at Amtel and GTE Spacenet, Inc.