Gaining Control Over Medical and IoT Devices

The healthcare industry is increasingly relying on real-time decision making, using data from a wide range of sources, such as electronic medical record (eMR) systems, medical devices, mobile and remote services, etc., to improve patient care and outcomes. We sat down to talk about what this move means for the industry and show how the health systems can get the insights and control they need to keep patient data and care safe. Key takeaways from that discussion follow, but if you are interested in seeing a detailed demo of the Medigate and Splunk solutions, you can also access the on-demand webinar, “Gaining Control Over Medical and IoT Devices.”

It’s All About Data

It takes a lot of data about all the devices within the healthcare delivery organization (HDO) to make real-time decision-making work. These devices make up the modern, hyper-connected HDO, as health information systems interact with the critical care-delivery infrastructure over the same converged network. This results in private and sensitive data (PHI) being stored and transmitted by various unmanaged endpoints, including tens of thousands of medical, IoMT, and IoT devices on the hospital’s network. In light of this, it is extremely important for health systems to protect all the devices within their operations to ensure patient data and, ultimately, care remain safe and reliable.

Unfortunately, that’s easier said than done. In 2019, cyberattacks on health systems jumped 60%; this year, healthcare delivery organizations continue to be a target. Most of these attacks exploit human weaknesses in some form or another ― they try to trick users (e.g., click on a link, open an attachment, go to a malicious site, etc.) or leverage bad practices (e.g., use easy to guess passwords, delay patching vulnerabilities, etc.) to gain entry. HealthITSecurity reported that an assessment of successful ransomware attacks at 50 hospitals found that: 

Requirements to Protect Data and Devices

To make sure health systems can protect their data and devices, they need to: 

  • Understand their environment, with detailed visibility into everything, managed and unmanaged, connecting to the network, so there are no blind spots and no devices unaccounted for within the health system’s security and management strategies. 
  • Manage risks posed by all the different devices in use in the network. This takes accurate assessments that can identify the devices that are most vulnerable and open to exploit, so health systems can focus resources and prioritize efforts, from patching to network-based protections, to effectively manage and mitigate the risks in their network. 
  • Detect and respond to attacks in the network. This takes monitoring and analyzing how devices are connecting and a contextual understanding of what to expect from different devices, so that anomalous behavior, out-of-flow communications, and unusual data or application usage can be detected and stopped before they can do any damage.
  • Auto-mitigate risks through network-centric prevention that reduces the risks of the devices connecting to the network. By connecting the data and clinically-vetted recommendations to the enforcement points in the network (such as a firewall or NAC), health systems can auto-mitigate alerts to prevent ePHI data exfiltration and stop device performance manipulation.

How Medigate and Splunk Deliver

Medigate and Splunk have partnered to deliver a comprehensive clinical SOC solution that gives health systems the real-time data needed to detect, manage, and respond to cybersecurity events to keep their patient data and care safe. The information captured and analyzed by Medigate on the connected medical and IoT devices active in the environment, network communications, and risks detected are fed into Splunk’s Enterprise Security (ES) to enable sophisticated investigations and facilitate effective playbook development, incident response, and remediation activities.


Surviving the Pandemic Requires Renewed Commitment to Cloud & Data

If we were to vote on the most overused word in 2020, “unprecedented” would be at or near the top of the list. And while we may be tired of hearing it, the fact is we’re all doing our jobs in a radically different way than we were in 2019. 

In the same spirit, we’re holding our first “cloud native” .conf event. We always want attendees to walk away with practical information they can put to use immediately to help their organizations get a competitive advantage. We will focus on sharing the ways we’ve helped our customers meet the challenges of the pandemic, from the realities of remote work to the increased focus on digital commerce and associated challenges not only to their IT and security infrastructure but to their viability as a business. 

We’ve seen our customers significantly increase the pace of their digital transformation plans and their focus on the fastest way to achieve it — the cloud and, of course, Splunk. We’ve been talking about the value of cloud for years, but in 2020, any doubt went out the window as we witnessed 10 years’ worth of e-commerce growth in just three months.

At .conf20, you’ll learn the three major ways Splunk is addressing the challenges of the pandemic, the meteoric increase in digital transformation, the necessity of accelerating your cloud migration strategy and how data ties it all together.

We’ve Expanded Our Data-to-Everything Platform to Address Broad-Based and Complex Data Processing Needs

According to Splunk’s recent report, The Data Age Is Here. Are You Ready?, 80% of organizations say data is critical to success. (I have no idea what business the other 20% are in.) We’ve gone way beyond the traditional logging capabilities of Splunk Enterprise so that our customers’ data can help them achieve the outcomes that matter most to them. We’re focusing on expanding the core platform beyond the index to power customers’ digital transformations through the data age.

At .conf20, you’ll learn about how we’re expanding our platform centers in five major categories:

  • Stream Processing enables insights and analytics much earlier in the data lifecycle
  • Machine Learning delivers AI-based insights for every type of user, from the practitioner to the data scientist
  • Scalable Index lets customers ingest, store, and deliver flexible schema-at-read analytics on massive volumes of data
  • Federated Search and Analytics deliver insights via a single-pane-of-glass against all your data, wherever it may live
  • Collaboration and Orchestration enables users and teams to leverage data as they naturally operate 

The New Splunk Cloud Experience Is Going Cloud Native

We’re making fundamental changes to the feature sets, operating models and architecture of our system to make our entire portfolio cloud-first. All Splunk customers will get the benefits of the cloud, including being able to take advantage of innovative new features as soon as they’re available. In just the last nine months, we’ve deployed more than 50 new capabilities across nine releases into Splunk Cloud.

This shift is not only about technology, but also encompasses business-model changes in pricing and packaging. This is the largest architectural change in Splunk history. It’s taken a tremendous amount of work from many, many people. But it will bring tremendous value to our customers.


The 5 Most Commonly Asked Questions About Cloud Solutions

We believe there are many reasons to migrate your organisation’s applications to the cloud, not least of which are cost savings, streamlined operations, redeployment of resources, reskilling of your internal teams and talent retention.  

In this blog, I answer the five most common questions I get asked about moving applications to the cloud, so you can make an informed decision about whether it’s the right thing for your organisation.  

1. Is it secure and where is my data? 

“Is it secure?” is one of the most commonly asked questions about the cloud. But as the cloud has become universal in organisations, the nature of the question has changed.

Every year, major cloud providers like Amazon and Microsoft spend billions to make their cloud services stable, robust and secure. Security measures and compliance certifications are available for all to see, and Microsoft’s cloud offering is as secure as it gets in terms of compliance, governance and physical security.  

The result? Today, almost everyone accepts that the cloud is secure. The conversation now is less around how secure it is and more around data control. It’s essential that organisations understand where their data lives, where it may go and who can access it in order to feel comfortable with moving to the cloud. 

A lack of understanding around how the cloud works is a barrier to adoption for many organisations. In the UK, law firms are amongst some of the most cautious adopters of cloud solutions, largely because of questions about where confidential client data will reside and who can access it.  

There needs to be an understanding that, by its very nature, the cloud exists in multiple locations – and your data can too. Azure, for example, can have multiple copies of data in multiple locations for resilience. And this conversation isn’t always an IT-led discussion; it needs the business to decide in which country their data should reside, and whether they are comfortable with it potentially leaving UK soil. The cloud gives customers choice here, with different services having different options about where data is stored, but it’s important that well-informed decisions are made in this regard.

Organisations need to know what they are letting themselves in for and understand how data will be stored and accessed, which needs a complex, but not impossible, discussion about trust and understanding. In our experience, anyone who truly understands the options and how the cloud works has been confident in making an informed decision based on facts, not fear.

2. Will all my IT staff be out of work/redundant?

Generally, there isn’t a direct correlation between adopting cloud services and IT staff being let go.  We prefer to see this as freeing up IT staff to focus on more strategic tasks. 

Whether they’re in retail, manufacturing, healthcare or any other sector, businesses are trying to be ‘the best’ and provide the best service to their customers. IT should enable them to do that. It should be a supporter and enabler for a business to do its job and operate at its highest level. And for organisations that are held back by inefficient, outdated IT systems, embracing the cloud is one way to make improvements. 

Few organisations today choose to use physical servers; they are costly, require office space and need people to maintain and manage them. Solutions like O365 and Exchange Online are making delivery of common IT services easier, better and lower cost, and like it or not, the requirement for on-premise skills will reduce as cloud adoption becomes the new norm. As IT evolves, the skillset of IT teams needs to evolve with it, or face being left behind.