Channel Players Find IoT Security Play In Healthcare
Submitted by Lindsey O'Donnell on
After an initial audit, the solution provider found two big security gaps in the healthcare customer's solution. There was no device handshake when the data was pushed up to the server, meaning that there was no guarantee that the data was going where it was supposed to go. Also, the server didn't know that the devices pumping in data were approved devices.
"Originally, their device made the same assumption that a lot of devices do, which is that if I can plug the URL in the cloud and can toss data up to it, and its encrypted data – then it's secure. But what we pointed out to them was that there are two big security gaps there," said Blanchard. "Those were two really big security gaps we were able to fill in with the [Microsoft Azure] IoT suite and the device registration component to that."
In the case above, a solution provider stepped in and helped fix a security issue before it became a bigger problem. In the same way, solution providers can broaden their service offerings for health care clients, especially as hospitals gain a better understanding of how IoT security breaches can affect their systems.
"There already have been massive [attacks] against network cameras, like the one in October of last year that took down service provider Dyn and parts of the Internet. While this attack only took down parts of Amazon, Twitter and Netflix, imagine the same kind of attack against a hospital," said Meek.