Cyber security challenges in hospitals

"In 15years, and across our fleet of more than 500 installed machines, we have had no viral infections," says Eric Lechopier, Director of Software Developmentat ISIS. This is a record that we can proudly announce at a time when cyber attacks are skyrocketing in hospitals. We do not have the solution to these attacks and we cannot guarantee that our customers will not be attacked. What we can do however, is provide them with a perfectly secure medical device that will not be a possible gateway for the virus.

As an operating room video management system manufacturer, we have always and still are directly confronted with the challenges of patient data and network security in healthcare facilities.

To respond to justified concerns, we have written this article to explain how we have been addressing cyber security issues for years. We take you behind the scenes of our IT know-how. Good reading!

‍

The main risks of viral infection

Our machine is designed for the operating theater, which means that it must work in all circumstances: it must therefore be protected against the risk of viral infection.

What are the possible sources of infection on a machine installed in the operating room?

▪ External risk: a person connects in the room, a removable external media such as CD /DVD, USB directly to a machine; since the media is infected, without its owner even knowing it, the virus will creep into the machine and spread.

▪ Internal risk: a "sneak" attack on all or part of the hospital network, is transmitted from machine to machine, for example, from an email with an infected link to spread the virus to all communicating machines interactively with the hospital network.

‍

How is ISIS today protecting its systems from these risks?

As there is no such thing as a "one-size-fits-all" solution, ISIS uses a combination of several technologies and configurations:

• The on-board Windows 10 anti-virus, which updates each time the machine is started,
• The onboard Windows 10 firewall which is activated and completely dynamically managed by the machine, where only the communication ports used by our internal apps are open: "in short", we occasionally open a door when necessary and we close it immediately when it is no longer needed, thus limiting the risk of infection,
• The protection functionality of Windows 10 IoT: UWF-HORM * (unified write filter -hibernate once, resume many). This feature protects the system disk from any modifications and instantly starts the machine identically,
• On-board, individual factory backup: all our systems are systematically equipped with an internal backup system on a stand-alone memory card, allowing a machine to be restored locally to its original state with all the installation parameters in less than one quarter of an hour (a backup copy is also stored on our ISIS servers, in this way a replacement machine can be supplied and operational quickly).
• "On-demand" protection, based on the recommendations and the security policy deployed by the IT departments of each site, against the use of removable media infected or used for pirating purposes: first, and to prevent any infection , the system can be configured to prohibit any execution of an external application from typical removable media (CD / USB). And secondly, to protect the confidentiality of data and prevent data leakage, we can also prohibit the bidirectional use of removable media from our machine.

* Small Zoom on the UWF-HORM

As Microsoft mentions in its weekly newsletter: “This approach can help protect against ransomware, as well as other attacks, or even against well-intentioned attempts to update software without testing. As soon as there's any problem, all you need to do is restart and everything is back to a known good state. ”(to read the article: https://tek.io/3fmTwJo)

"Nothing new under the sun !" These are tools that Microsoft already offered in its older Windows versions. And if it continues to offer it in its offer, it is because they see the value and the effectiveness of these tools, especially nowadays ...

Our offer

In order to meet the requirements of the standards in force and to offer maximum flexibility to the hospital's IT department, our team of engineers has developed 3 operating modes for the machine:

🔷 Mode 1: the machine is completely locked, which prevents any contamination,

🔷 Mode 2: the machine is semi-locked and allows anti-virus management by the IT department,

🔷 Mode 3: the machine is unlocked and remains under the full control of the IT department

Challenges to overcome

The recent European cybersecurity recommendations (Procurement Guidelines forCybersecurity in Hospitals) published in February 2020 strongly recommend the possession of an anti-virus on all "open" systems.

At ISIS, we have clearly demonstrated the value of mode 1 and its technological combination! This is why we recommend it and always offer it by default to our customers.

But in the field, and even with this mode of operation, putting an anti-virus technically makes no sense, we still see reluctance, and in particular on the part of certain IT managers, for this system of protection of the machine having however proved its worth.

Today no more excuses!

All machines offered or updated in post-installation by ISIS are equipped with the Windows 10 IoT version which also incorporates the Defender anti-virus and which, depending on the option chosen by our IT contacts, can be activated and automatically update each time the machine is restarted.

And then …

In 2022, our SurgiMedia machines have never been so safe and reliable, allowing us to fully meet the requirements and expectations of use in operating theaters.

Thanks to the technological combination proposed by our ISIS development team, and even if one of our machines were to be infected, a simple restart would quickly restore it to its original state, fully operational.

As we mentioned in the introduction, and across our fleet of more than 500 machines installed since 2007, our users have not, to date, suffered any viral infection.