Explore the most recent editions of MPO Magazine, featuring expert commentary, industry trends, and breakthrough technologies.
Access the full digital version of MPO Magazine anytime, anywhere, with interactive content and enhanced features.
Join our community of medical device professionals. Subscribe to MPO Magazine for the latest news and updates delivered straight to your mailbox.
Explore the transformative impact of additive manufacturing on medical devices, including design flexibility and materials.
Learn about outsourcing options in the medical device sector, focusing on quality, compliance, and operational excellence.
Stay updated on the latest electronic components and technologies driving innovation in medical devices.
Discover precision machining and laser processing solutions that enhance the quality and performance of medical devices.
Explore the latest materials and their applications in medical devices, focusing on performance, biocompatibility, and regulatory compliance.
Learn about advanced molding techniques for producing high-quality, complex medical device components.
Stay informed on best practices for packaging and sterilization methods that ensure product safety and compliance.
Explore the latest trends in research and development, as well as design innovations that drive the medical device industry forward.
Discover the role of software and IT solutions in enhancing the design, functionality, and security of medical devices.
Learn about the essential testing methods and standards that ensure the safety and effectiveness of medical devices.
Stay updated on innovations in tubing and extrusion processes for medical applications, focusing on precision and reliability.
Stay ahead with real-time updates on critical news affecting the medical device industry.
Access unique content and insights not available in the print edition of the MPO Magazine.
Explore feature articles that delve into specific topics within the medical device industry, providing in-depth analysis and insights.
Gain perspective from industry experts through regular columns addressing key challenges and innovations in medical devices.
Read the editor’s thoughts on the current state of the medical device industry.
Discover the leading companies in the medical device sector, showcasing their innovations and contributions to the industry.
Explore detailed profiles of medical device contract manufacturing and service provider companies, highlighting their capabilities and offerings.
Learn about the capabilities of medical device contract manufacturing and service provider companies, showcasing their expertise and resources.
Watch informative videos featuring industry leaders discussing trends, technologies, and insights in medical devices.
Short, engaging videos providing quick insights and updates on key topics within the medical device industry.
Tune in to discussions with industry experts sharing their insights on trends, challenges, and innovations in the medical device sector.
Participate in informative webinars led by industry experts, covering various topics relevant to the medical device sector.
Stay informed on the latest press releases and announcements from leading companies in the medical device manufacturing industry.
Access comprehensive eBooks covering a range of topics on medical device manufacturing, design, and innovation.
Highlighting the innovators and entrepreneurs who are shaping the future of medical technology.
Explore sponsored articles and insights from leading companies in the medical device manufacturing sector.
Read in-depth whitepapers that explore key issues, trends, and research findings for the medical device industry.
Discover major industry events, trade shows, and conferences focused on medical devices and technology.
Get real-time updates and insights live from the CompaMed/Medica conference floor.
Join discussions and networking opportunities at the MPO Medtech Forum, focusing on the latest trends and challenges in the industry.
Attend the MPO Summit for insights and strategies from industry leaders shaping the future of medical devices.
Participate in the ODT Forum, focusing on orthopedic device trends and innovations.
Discover advertising opportunities with MPO to reach a targeted audience of medical device professionals.
Review our editorial guidelines for submissions and contributions to MPO.
Read about our commitment to protecting your privacy and personal information.
Familiarize yourself with the terms and conditions governing the use of MPOmag.com.
What are you searching for?
Manufacturers cannot make development and security mistakes with IoMT devices.
March 23, 2021
By: Emily Newton
Editor-in-Chief, Revolutionized
Smart healthcare requires nigh-impenetrable cybersecurity if it’s going to succeed. By now, everyone knows smart home devices are vulnerable, such as smart speakers or security cameras. There’s often no way to know where the related data streams are going or who’s listening in. It means we often sacrifice some of our security and privacy to use these convenient devices, which is concerning to many. However, many common mistakes that occur in IoT (Internet of Things) deployments simply cannot happen with IoMT (Internet of Medical Things) devices or medtech. If sensitive medical information is leaked, or the devices fall under a nefarious actor’s control, the implications are far more severe. Can you imagine someone’s smart pacemaker, for instance, being affected by a remote hack? Moreover, personal health information goes for a premium on the black market, exceeding thousands of dollars and making it much more lucrative to would-be hackers. Manufacturers cannot make the same development and security mistakes with IoMT devices. Vulnerabilities in both categories are concerning, but one could result in a major loss of life, so there’s much more on the line. Many of the high-security solutions and techniques that show potential in the IoMT industry can also be used for consumer-level IoT technologies. 1. Segmented Networks with Limited Access Regarding cybersecurity, there’s a vast difference between an open network—even a secured one—and one that remains private with limited access. Commercial networks, medical-related especially, should be segmented to restrict the flow of traffic. Segmentation involves dividing up a network into several parts, with the more restrictive segments locked down and hidden. Most networks broadcast their existence to the general area, but there is a way to prevent this so only those who know the network exists can find it. Moreover, advanced authentication can prevent random or nefarious users from gaining access. What this might look like in the IoMT world, for example, is servers used to collect and process smart device data would be segmented and hidden. Only authorized users, with the right tools and access protocols, can connect to that network and review or manipulate the data. More importantly, users can be issued varying access levels, so they might be able to read or review data, for example, but not alter, download, or remove it. 2. No Encryption, No Use Cases Encryption is mission-critical for IoMT devices and medtech platforms. Data being transmitted, stored, processed, or read must always be protected behind advanced levels of encryption. Encrypted data that’s leaked or snooped on cannot be translated without the proper encryption key. It means even a massive database of personal details can essentially end up unusable without the key. It’s important to understand that encryption can be broken. Yet, the stronger the encryption, the more difficult and time-consuming it is to reverse. All sensitive and proprietary medical or health data should be encrypted, period. Nothing is ever 100 percent secure, but it provides an additional and much-needed layer of security to the data. 3. Frequent Penetration Testing One of the best ways to find weaknesses in the walls of a fortress is to attempt to breach them. Precisely the same is true for smart technologies and IoMT networks. Regular penetration testing can place a spotlight on the most concerning vulnerabilities and security issues. Additionally, it can help medtech, IT, and security teams come up with a plan of defense if and when there is an attack. They learn how an attacker might try to gain access and what that might look like from the attacking side. It also allows them to build an incredibly accurate risk assessment that can be used to plug many of the existing or potential gaps. 4. Absolute System Integrity On mobile platforms and connected devices, regular updates are warranted because they help patch security vulnerabilities, fix bugs, and sometimes introduce new features or device support. Unfortunately, the way many of these updates are deployed — over-the-air is the biggest offender—tends to introduce serious security problems. By accounting for basic device and data integrity, this issue can be mitigated, or it may even eliminate intrusions. The driverless automotive sector is working hard to deploy secure OTA updates to many of its vehicles. It’s easy to understand why they wouldn’t want hackers to gain access to vehicles, especially those already on the road. Code signing can be used to verify the integrity of update packages sent over-the-air and is just one of many authentication measures that can be used to verify data. Being able to establish and verify data integrity is key. 5. Accounting for Scale Right now, scaling isn’t as much of a concern in the IoMT or medtech fields because adoption isn’t rapid or widespread. That will change, and it means all of the security solutions must be ready. Security platforms that cannot keep up with the growing scale of a network and all connected devices will fail. When that starts to happen, it may also affect other systems, such as remote devices trying to sync up with a server. Smart medical devices that cannot send or receive feedback from a server could prove disastrous, even if they are designed to function locally and offline. True Security Is Ongoing, and Medtech Is No Exception All parties, from manufacturers to software engineers and end-users, must understand that cybersecurity is never a one-and-done event. Throughout the lifetime of a system, regular security updates must be delivered. Appropriate and advanced security methods must be used, such as secure passwords, biometrics, or single-user access. All medical data must be locked down, with access limited to only a select few parties. Organizations that want to boost their security must establish a proper IT security team with experience and skills to match. They must also focus on developing proper authentication, integrity, and encryption protocols. Furthermore, they must prepare for the growing scale of connections and devices, with segmented networks created for the most sensitive data channels. Anything short of these proposed strategies creates a highly vulnerable system or device, which could spell disaster.
Enter your account email.
A verification code was sent to your email, Enter the 6-digit code sent to your mail.
Didn't get the code? Check your spam folder or resend code
Set a new password for signing in and accessing your data.
Your Password has been Updated !
