Health and Healthcare Facilities

In healthcare institutions, digital transformation continues, improving care and patient management. However, this increased dependence on IT also brings its own risks. Stormshield supports these changes, transforming hospitals into connected and secure spaces.

Human risk: the key concern of the medical sector

The activities of healthcare institutions are of a vital nature. In case of failure, the consequences can be disastrous: and inability to provide care or to produce medicines, but also the leakage, loss or falsification of samples or health data. The performance and availability of IT networks in our healthcare systems is all the more important as patients' lives often depend on the information that circulates within them.

27

The number of major cyberattacks against hospitals in France in 2020, according to the Secretary of State for Digital Transition, Cédric O

Protecting sensitive and vital health data

Data exchanges between the various sites that make up our healthcare ecosystem (analysis laboratories, hospitals belonging to the same group, equipment/medicine production plants, etc.) are continuous, and the data in question extremely sensitive. Test results, prescriptions in patient files, drug manufacturing secrets... the information being exchanged is not trivial. And it's not just a question of confidentiality or medical secrecy. To be sure of making the right diagnosis and administering the right dosage, health professionals need to have confidence in the integrity of the information on which they base the decision.

To protect patient data during exchanges, the Stormshield Network Security (SNS) solution enables the creation of encryption tunnels via virtual private networks (VPN).

Ensuring service availability

The need for rapid action

The pace of the health sector is driven by emergencies. It therefore requires a rapidreaction in the event of an incident, in conjunction with the hospital's biomedical equipment, its Building Management System (BMS) or its Centralized Technical Management System (CTMS).

This can be facilitated through the provision of secure remote access to technicians or third-party service providers through mobile SSL or IPSec VPNs and via the authentication of users for network data flows. These two measures are also useful for increasing the use of remote maintenance, but also to ensure the secure growth of telemedicine.

They are an integral part of the functionality of our Stormshield Network Security (SNS) firewall range. The products in this range are certified to the highest European level, and also guarantee continuity and availability of services thanks to their bypass functionality and intrusion prevention system.

Strong physical constraints

Electromagnetic waves from medical imaging techniques (ultrasound, X-rays, scans), impacts from frequent handling of equipment, handling in emergency situations... physical constraints in a hospital are everywhere. This context is new and more complex than traditional IT environments, requiring the installation of cybersecurity elements in close physical proximity to the equipment to be protected, without an IT rack.

Our ruggedised industrial firewalls are designed for these constrained environments, and are easy to mount in electrical cabinets.

Mandatory regulatory constraints

Due to its intrinsically critical nature, the health sector is subject to strong regulatory requirements. Many French actors are included in the list of operators of vital importance (OIV) and are subject to the Military Planning Law (LPM). At the European level, this list extends to operators of essential services (OESs) who are required to follow the recommendations of the Network and Information Security (NIS) directive.

Stormshield solutions are recognised by the highest European authorities, and also comply with specific healthcare standards, such as DICOM or HL7protocols and regulations including the GDPR, PSSI (a mandatory information systems security policy in French healthcare establishments), ePHI (electronic Protected Health Information) and the US HIPAA (Health Insurance Portability and Accountability Act) standard. Learn more in our dedicated e-book.

Cyber risk is not uniform, and threats today can come via a number of routes. Discover the vectors of cyber risks in hospitals – network, human, software and physical – through this interactive platform (in French so far).

Getting to grips with a unique set of computer assets

There is much more overlap between IT and operational infrastructure in the medical world than there is in other sectors. On average, a dozen smart medical objects are found in an intensive care unit.

The advent of this Internet of Things, and of an operational infrastructure that is increasingly connected to the IT network, is contributing – along with the use of integrated and approved systems – to the development of hospital facilities. In order to achieve this without difficulty, it is essential to segment these networks in order to strengthen their security, but without modifying the systems in order to avoid “breaking” their approval.

For this reason, our Stormshield Network Security (SNS) range provides NAT network functions that are built into the security equipment. SNS also provides in-depth contextual analysis of electronic and operational protocols to prevent both known and unknown attacks. This is complemented by granular control of authorised messages and the use of custom signatures, as well as protected user browsing through URL and application filtering.

The other characteristic of medical sector IT assets is their wide geographical distribution: they are sometimes spread out over different areas of the hospital, between several buildings, or even between different geographical locations in the case of regional hospital groups like in France.

To easily deploy and manage security equipment in such large infrastructures, we have designed the SMC centralised management solution, which enables the management of VPNs and filtering, among other things.

With Stormshield, give your business cyber-serenity. Our responsive teams identify the needs of your communication network and provide you with the most effective solutions.