Thales and Device Authority partner to protect healthcare IoT
New solution intended to authenticate medical devices and ensure data integrity
Thales has partnered with Device Authority to protect healthcare IoT equipment from cyberattack.
The two companies have jointly developed a solution which will help prevent hacking attacks against connected healthcare equipment. The solution uses DeviceAuthority's IoT identity and access management (IAM) to authenticate IoT devices and ensure the confidentiality and integrity of the data they rely on.
While IoT devices have enabled new services in healthcare including remote diagnosis and medical device integration, the medical sector is increasingly becoming a target for hackers, with 70% of healthcare organisations around the world having experienced a data breach according to the 2018 Thales Data Threat Report.
The new solution integrates Device Authority's KeyScaler platform with the Thales nShield Connect hardware security module (HSM). This provides high-assurance device authentication at IoT scale, managed end-to-end encryption to meet compliance requirements and certificate provisioning for healthcare and other connected devices. The solution will authenticate any new device hardware and establish a strong root of trust and identity on the network. The solution then provides additional security operations, such as issuing a security token that the device can use to validate itself to other IoT platforms, or provide a unique device key and certificate. The KeyScaler platform delivers automation for critical credential management processes, in addition to tokenized access control and policy-based encryption for data, in transit and at rest. The solution is currently being piloted with medical devices.
Darron Antill, Chief Executive Officer of Device Authority, commented: "IoT is transforming the healthcare industry and the way healthcare is provided. When you look at medical devices it's imperative that the right data files from the right consultant go to the right device to instruct it to perform the right procedure, or administer the precise amount of medication, for the correct patient - and there must be no question at any point over the integrity of the data or the medical device. This solution will bring a new level of assurance to both healthcare professionals and patients that the technology being implemented is secured and all data transferred is safe from compromise."
Cindy Provin, Chief Executive Officer of Thales eSecurity, added: "Every day we are seeing how technology in healthcare is helping improve the care that patients receive. However, we have also seen that the healthcare industry is regularly under threat from cybercriminals. Our partnership with Device Authority enables us to solve the device authentication, integrity and data privacy challenges that are impeding IoT deployments, by creating a hardened system for issuing and managing device credentials and keys that are essential to creating a root of trust and enhancing patient safety for customer IoT projects."