the power of healthit at the intelligent edge · patching iot devices often does not scale well in...
TRANSCRIPT
![Page 1: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/1.jpg)
1
The Power of HealthIT atthe Intelligent Edge
Session #181 , March 7, 2018
Tom Bradicich, PhD @TomBradicichPhDVP & GM, IoT & Converged Edge Systems, Hewlett Packard Enterprise
Gary HornVP Technical Services, CTO, and CISO, Advocate Health Care
![Page 2: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/2.jpg)
2
Tom Bradicich, PhD
Gary Horn
Have no real or apparent conflicts of interest to report.
Conflict of Interest
![Page 3: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/3.jpg)
3
Learning Objectives
• Explain why device and clinical system connectivity as part of IoT strategy is necessary when delivering critically patient data
• Identify best practices for planning IT transformation to support new quality/prevention care models
• Explain the typical stages and progression of digital transformation related to IoT, mobility and beyond
• Provide attendees with a better understanding of how technology tools can improve operational efficiency, clinical outcomes, and the patient experience
![Page 4: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/4.jpg)
4
Everything can be
controlledEveryone & everything will be
connected
Everything will
compute
People, places, and things reside at the “Edge”
@TomBradicichPhD
![Page 5: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/5.jpg)
5
The “Edge” is a place, that’s connected to the cloud
@TomBradicichPhD
Data Center / CloudThe “Edge”
![Page 6: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/6.jpg)
6
The “Edge” is a place, that’s connected to the cloud
@TomBradicichPhD
Data Center / CloudThe “Edge”
Things, people, places at the edge. . .
![Page 7: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/7.jpg)
7
The “Edge” is a place, that’s connected to the cloud
@TomBradicichPhD
Data Center / CloudThe “Edge”
Things, people, places at the edge. . . have lots of pent-up data in them . . .
![Page 8: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/8.jpg)
8
− Efficiency
− Discovery
− Quality
The “Edge” is a place, that’s connected to the cloud
@TomBradicichPhD
Data Center / CloudThe “Edge”
Things, people, places at the edge. . . have lots of pent-up data in them . . . with new insights & value
![Page 9: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/9.jpg)
9
Data Center / CloudThe “Edge”
The Healthcare “Edge” and IoT is a new frontier
@TomBradicichPhD
![Page 10: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/10.jpg)
10
Data Center / CloudThe “Edge”
The Healthcare “Edge” and IoT is a new frontier
@TomBradicichPhD
Patient Flow
Bio Wearables
BioMedicine
Patient Wayfinding
Temperature Monitoring
Elderly Care
Ambulance connectivity
Hospital Cleaning (Environmental Services)
![Page 11: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/11.jpg)
11
How do we make the Edge intelligent?
Security built in from the beginning Services from concept to deployment
The “3 C’s” of the intelligent edge and IoT:
@TomBradicichPhD
![Page 12: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/12.jpg)
12
How do we make the Edge intelligent?
Security built in from the beginning Services from concept to deployment
The “3 C’s” of the intelligent edge and IoT:
@TomBradicichPhD
![Page 13: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/13.jpg)
13
How do we make the Edge intelligent?
Security built in from the beginning Services from concept to deployment
The “3 C’s” of the intelligent edge and IoT:
@TomBradicichPhD
![Page 14: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/14.jpg)
14
How do we make the Edge intelligent?
https://youtu.be/ojRc7rE8MtM
The “3 C’s” of the intelligent edge and IoT:
@TomBradicichPhD Security built in from the beginning Services from concept to deployment
![Page 15: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/15.jpg)
15
Real World Example
Gary HornVP Technical Services, CTO, and CISO
Advocate Health Care
![Page 16: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/16.jpg)
16
Advocate Health Care Largest health system in Illinois
400 sites of care, including 12 hospitals and the state's largest integrated children’s network
Best Places to Work in Illinois (Daily Herald/Business Ledger)
35,000 associates, 6,000 affiliated physicians and 10,000 nurses
Fourteen-time recipient of Hospitals & Health Networks 100 “Most Wired” award
Academic and teaching affiliations with all major universities in the Chicago Metropolitan area
Advocate is committed to create the safest and best place for patients to heal, physicians to practice and associates to work. Safety, quality, service - Always
![Page 17: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/17.jpg)
17
What is IoT The Internet of Things is the network of physical objects not limited
to devices, vehicles, buildings, and other items embedded with electronics, software, sensors, and network connectivity that enables these objects to collect and exchange data
IoT goes by various names but the concept is the same
M2M (Machine to Machine)
World Size Web (Bruce Schneier)
Internet of Everything - IoE (Cisco Systems)
IoT is everywhere
![Page 18: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/18.jpg)
18
IoT is Everywhere
![Page 19: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/19.jpg)
19
The Growing Trends of Mobility and IoT270B App Downloads
as of 2017 *1
1.5B Smartphonesshipped in 2016 *2
Enterprise mobile app. X4by 2018 and 60% of apps created
will have no PC antecedent *3
![Page 20: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/20.jpg)
20
IoT World of Connected Services
The Healthcare and Life Sciences Service Sector
Care - Hospitals, ER,
Mobile POC, Clinics,
Doctor Office, etc.
In Vivo/Home - Implants
(pace makers, etc.),
Home Monitoring
Systems
Research - Drug
Discovery, Diagnostics
and Lab equipment
![Page 21: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/21.jpg)
21
The Basic Concerns Around IoTAn IoT device is just another computer, correct?
All of the same issues with vulnerability management, access control monitoring, patching, etc.
High-impact with hundreds of thousands or more IoT devices on the network
Any compromised device can take a foothold on the network
What additional risks does IoT Pose?
Definition of the network perimeter (objects not designed to be Internet connected)
Capture of the devices during vulnerability scans
Consumer devices interfering with critical network devices and services
Lack of device management software
Data and inadvertent breaches
An easy attack vector
![Page 22: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/22.jpg)
22
IoT SecurityWhy IoT Devices are subject to attack
Difficult to update OS and firmware
Default, weak, simple, or hardcoded credentials
Vulnerable web interfaces (XSS, SQL injection)
Poor vendor support to address vulnerabilities
Coding errors (buffer overflow)
DoS / DDOS
Physical theft and tampering
Clear text protocols, unnecessary services, and unneeded open ports
![Page 23: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/23.jpg)
23
IoT SecurityWhat has been learned from recent IoT related incidents
Vendors often delay or ignore response to issues
All software and firmware can and probably does contain vulnerabilities
Product lifecycles and end-of support ignored by users
Patching IoT devices often does not scale well in large environments
Significant delay in informing the public of vulnerabilities and related issues
![Page 24: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/24.jpg)
24
Distributed Enterprise / SP Architecture
NOC
OR
AirWave Network
ManagementMobility
Controller
ClearPass Access
Management
Branch Controller
CAPs
Mobility Switch
Instant
Cluster
Virtual Intranet
Access (VIA)
Client
Branch On The Road
Instant / RAP
Home Office
Internet / WAN
![Page 25: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/25.jpg)
25
Unified Access Strategy
User
Management
Media
SecurityApplication
QoS
Device
Management
Network Operations & Programmability
FE/GigE 802.11n/ac
Application
Analytics
Provide a seamless, consistent high quality user experience
Simplify operations and improve network security
Protect investment
![Page 26: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/26.jpg)
26
ClearPass and Palo Alto Networks
Mobility Network
ServicesCore AAA, NAC
Device Profiling
Guest + BYOD
Aruba MOVE &
ClearPassPalo Alto Networks
Context:
Exchange rich endpoint
context
Trigger real-time, intelligent
network policies
Extendable architecture
Support for IoT containers
![Page 27: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/27.jpg)
27
Secure and Scalable IoT Deployment
SPB standard Scalable
Availability
Virtualization (Multitenant)
Enabled by a single network with simple operations, high reliability, and tight security
Accessible only by compliant devices
Contains only the traffic from the IoT system
Provides the quality necessary to run the IoT application successfully
UA with Smart Analytics
Auto Containment
Authentication
Rogue traffic prevention
Intelligent Fabric
Auto Chassis
Auto Topology
Self healing
An IoT Container is a secure virtualized network
![Page 28: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/28.jpg)
28
Profiling for Policy Enforcement
Universal Profile
Classify
Authorize
Auto
Provision
Container
Quality/Priority
Security
Container: VLAN, ISID
Quality/Priority: QoS, Bandwidth
Security: ACL, App Visibility & Control
Network Provisioning
SecurityProfile
Quality of Service
Priority
User Device
User Profile
![Page 29: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/29.jpg)
29
IoT: Threat vs. Opportunity The IoT is propelled by an exceptional convergence of trends: mobile phone ubiquity,
open hardware, big data, Artificial Intelligence, cloud computing, 3D printing, and crowdfunding *1
The world is rapidly evolving to where just about everything will be connected
The number of cyber attacks will rapidly increase
Privacy and security must be fully addressed
So…
If misunderstood and misconfigured, IoT poses risk to data, privacy, and safety
But…
If understood and secured, IoT will enhance communications, lifestyle, and delivery of services
![Page 30: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/30.jpg)
30
IoT: Threat vs. Opportunity The IoT is propelled by an exceptional convergence of trends: mobile phone ubiquity,
open hardware, big data, Artificial Intelligence, cloud computing, 3D printing, and crowdfunding *1
The world is rapidly evolving to where just about everything will be connected
The number of cyber attacks will rapidly increase
Privacy and security must be fully addressed
So…
If misunderstood and misconfigured, IoT poses risk to data, privacy, and safety
But…
If understood and secured, IoT will enhance communications, lifestyle, and delivery of services
![Page 31: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/31.jpg)
31
2% of Medicare reimbursements at risk based on Patient Satisfaction ratings (Value-based Purchasing)
$150 billion dollars annually are lost due to appointment no-shows
40% of patients and visitors depend on hospital staff for Wayfinding assistance
Over 1 hour per day of nurse time used looking for someone or something
Wayfinding, Navigation and Location Services
eCheck-in upon arrival
Reduced stress & anxiety
Meet Me and Parking features
Reduced late & missed appointments
Improve utilization of staff, resources and
space
Faster, location-aware incident response
Security agent location tracking
Patient flow and dwell/wait times
Staff work flow optimization
EnhancePatient/VisitorExperience
ImproveOperationalEfficiency
BetterSecurity & EmergencyResponse
BuildingIntelligence
Location Services
![Page 32: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/32.jpg)
32
Beacons
NAO SDKIndoor location
& geofencing
Setup and
maintenance
application
NAO Logger
Setup, Configuration &
Monitoring
Third party
tags / asset
tracking
subsystem
s
People & asset
tracking application
NAO Track
Analytics
NAO Cloud
![Page 33: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/33.jpg)
33AP is a BLE Beacon (geolocation, geofencing)
Two Different Approaches
AP is also a BLE scanner (asset tracking)
![Page 34: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/34.jpg)
34
Pros and Cons Compatibility
No high-level international standard
Complexity
Many points of failure, technical and
operational
Privacy and Security
Sensitive data in the wild
Safety
Manipulation of data
Loss of human skills
Social interaction
Automation and Control
Efficient M2M communication results
in time savings
Information and Big Data
Knowledge is power
Communication
Complete transparency, fewer
inefficiencies, and greater quality
Monitor
Real-time measurement of just about
anything
Overall quality of Life
![Page 35: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/35.jpg)
35
Summary• Seven Principles of IoT at the Edge
• The 3 C’s
• IoT
• Location Services
![Page 36: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/36.jpg)
36
Questions
Tom Bradicich, Ph.D
VP and GM, IoT and Converged Edge
Hewlett Packard Enterprise
@TomBradicichPhD
Gary Horn
V.P., Technical Services, CTO and CISO
Health Informatics and Technology
Advocate Health Care
![Page 37: The Power of HealthIT at the Intelligent Edge · Patching IoT devices often does not scale well in large environments Significant delay in informing the public of vulnerabilities](https://reader036.vdocument.in/reader036/viewer/2022070718/5ede3eecad6a402d66699093/html5/thumbnails/37.jpg)
Please use blank slide if more space is required for charts, graphs, etc.
To remove background graphics, right click on selected slide,
choose “Format Background” and check “Hide background graphics”.