
5 Principles for Creating Secure Healthcare IoT Devices

Medical device manufacturers (MDMs) face pressures from many stakeholders — shareholders, government agencies, healthcare delivery organizations (HDOs), electronic health records (EHRs), insurance providers, and of course patients.

Security in the healthcare industry differs from security in other industries – it’s personal. People’s lives are on the line. And when put in that context, security moves up the ranks as a priority. In fact, balancing all those expectations listed above doesn’t, and shouldn’t, mean device manufacturers have to choose what’s most important on that list. Technologies and providers exist today to help MDMs protect patients while meeting the demand for innovation and bottom-line objectives.

Keyfactor has spent years developing and providing security technology for the Internet of Things (IoT) that meets the needs of healthcare IoT device manufacturers. Along the way, we’ve documented our best practices as Five Guiding Principles for Optimizing Healthcare IoT Security:

1.) ACQUIRE A UNIQUE DIGITAL CERTIFICATE / CREDENTIAL FOR EVERY DEVICE

Digital certificates are the foundation for building a comprehensive security program. They serve as proof points to identify various entities – including people, applications, and devices.

Using unique digital certificates for every device allows HDOs to validate that a device is authentic and assert with high assurance that its messages are genuine. It also allows Internet of Medical Things (IoMT) platforms and applications to validate the integrity of messages sent to and from each connected medical device, ensuring that valuable data is exchanged only by intended recipients. The impacts of a compromised device are minimized as a result of each device carrying its own unique identity and encrypting its data with keys associated with that unique identity.

2.) ADMINISTER PRIVATE KEY STORAGE IN HARDWARE WHEREVER FEASIBLE

When a digital certificate is issued, keys are generated. A private key is a separate file that’s used for encryption of data. Trusted Platform Module (TPM) technology or secure storage hardware is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that carries out cryptographic operations. It provides a hardware-enabled way to secure your cryptographic keys and certificates.

3.) VERIFY DIGITALLY SIGNED FIRMWARE & SOFTWARE THROUGH CODE SIGNING

Code signing is the application of a digital signature to a piece of code that validates it as a legitimate release and provides authenticity of its source. The process verifies the author’s identity and ensures the code has not been changed or corrupted since it was signed by the author. When the firmware is secure, that security becomes extensible to all those in the healthcare ecosystem – giving hospitals, caregivers and patients the ability to communicate confidently with the device and each other.

4.) ESTABLISH AN ORGANIZATION-SPECIFIC ROOT OF TRUST (RoT)

A Root of Trust or RoT is the foundation for secure device exchanges. When a healthcare organization or manufacturer manages their own RoT, they have complete control over the identity validation of every device or person they are issuing a key to. Once the accompanying digital certificate is issued, anyone can verify the identity of the key holder.

Sharing your RoT with other parties results in sharing risk. The compromised root of another party should not impact your security. By maintaining your own private RoT you are ensuring secure medical device access with a chain of trust that contains only constituents you authorize.

5.) INVEST IN LIFECYCLE MANAGEMENT FOR CERTIFICATES, KEYS, AND RoT

Renewable, replaceable and revocable credentials, along with an updatable RoT, are non-negotiable requirements. Static systems are inherently insecure and this principle applies to cryptography as well. It is inevitable that cryptographic algorithms weaken over time and many IoT devices will be deployed for durations that extend well beyond the effectiveness of their cryptographic keys. As a result, one must be able to perform complete lifecycle management for certificates, keys, and RoT that are stored on devices (and within IoT ecosystem gateways, servers, and applications).

To learn more, visit https://www.keyfactor.com/keyfactor-control/ or contact us today.