PKI and identity access management for clinics

Security in hospitals: Protecting medical equipment and IT systems

Digitalisation presents both opportunities and risks for hospitals: Automated and digitalised processes reduce the workload on personnel, while at the same time improving medical care for the patients. However, they also present more potential gateways for hackers to gain access, which increases the risk of cyber attacks – unless clinics upgrade their security. The fundamental building blocks here are a public key infrastructure (PKI) in conjunction with identity access management (IAM).

There has been a pronounced rise in cyber attacks on hospitals and other care facilities in the last few years. This is because quite a number of these organisations have committed to digitalisation, yet failed to focus adequately on the topic of security. This makes life easy for hackers, whose cyber attacks can have severe consequences, including: massive disruptions in day-to-day clinic operations, loss of sensitive data, high recovery costs, all the way up to life-threatening manipulations of medical equipment.

In order to avert health risks and financial damage, clinics need to invest significantly more in their security and take steps to combat both external and internal attacks. Introduction of a public key infrastructure (PKI) in conjunction with identity access management is the recommended approach here.

PKI for hospitals: Securing internal and external communication

A PKI provides essential protective mechanisms for communication within clinics, as well as for exchange with external systems used for procurement, telemedicine applications or the electronic patient record. It is based on asymmetric cryptography, which is considered one of the most secure forms of encryption, as it can be used both to sign and to encrypt data and messages.

Two keys are then required for any connection between communication partners (for example between doctors and laboratory staff):

  1. A public key for encryption of data. Authenticity is ensured with digital certificates, each of which validates the previous certificate in a kind of chain. This creates a secure certification path. 

  2. A private, secret key for decryption.

At hospitals and care facilities, each piece of medical equipment now has its own device identity, a kind of one-off certificate. It then uses this for authentication during commissioning in the clinic network. Further certificates are subsequently assigned, for example for hardware and software updates or for communication with other devices and systems. The respective communication partners exchange certificates and can then encrypt data and messages in such a way that only the other partner can decrypt them. This prevents any unauthorised access, as well as any potential manipulation of the data, effectively closing off gateways for cyber attacks.
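The commissioning check described above can be tried out with the OpenSSL command line. The following is an added example, not code from the article or from achelos: the CA names (clinic-root, unknown-ca), the device names (pump-01, pump-02) and the short validity periods are constructed, and the keys are created unencrypted in a temporary directory purely for the demonstration.

```shell
#!/bin/sh
# Added example: CA and device names are constructed, not from the article.
WORK=$(mktemp -d)
cat > "$WORK/req.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF

# Create a self-signed root CA (a production root key stays offline or in an HSM).
make_ca() {  # $1 = CA name
  openssl req -x509 -config "$WORK/req.cnf" -newkey rsa:2048 -nodes -days 30 \
    -subj "/O=Example Clinic/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# Issue a device identity certificate limited to client authentication.
issue_device_cert() {  # $1 = issuing CA, $2 = device name
  openssl req -new -config "$WORK/req.cnf" -newkey rsa:2048 -nodes \
    -subj "/O=Example Clinic/CN=$2" \
    -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null
  printf 'basicConstraints=CA:FALSE\nkeyUsage=digitalSignature\nextendedKeyUsage=clientAuth\n' \
    > "$WORK/$2.ext"
  openssl x509 -req -in "$WORK/$2.csr" -CA "$WORK/$1.crt" -CAkey "$WORK/$1.key" \
    -CAcreateserial -days 7 -extfile "$WORK/$2.ext" -out "$WORK/$2.crt" 2>/dev/null
}

# Commissioning check: admit only if the certificate chains to the trusted
# root and is valid for client authentication.
commission() {  # $1 = trusted root, $2 = device name
  if openssl verify -CAfile "$WORK/$1.crt" -purpose sslclient "$WORK/$2.crt" \
       2>/dev/null | grep -q ': OK$'; then
    echo ADMIT
  else
    echo REJECT
  fi
}

make_ca clinic-root                     # the trust anchor on the clinic network
make_ca unknown-ca                      # a CA the clinic does not trust
issue_device_cert clinic-root pump-01   # enrolled infusion pump
issue_device_cert unknown-ca  pump-02   # certificate from the untrusted CA
echo "pump-01: $(commission clinic-root pump-01)"
echo "pump-02: $(commission clinic-root pump-02)"
```

Only the device whose certificate chains to the clinic's own root is admitted; a certificate from any other issuer is rejected even though its subject name looks just as plausible.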

Identity access management at clinics: Preventing unauthorised access

Alongside PKI, it is essential to implement identity access management (IAM) as well, in order to effectively thwart unauthorised access to devices and systems. This means that computers and medical equipment may only be operated after logging in. In the hectic day-to-day operations at clinics, however, the process for logging in must be made as convenient as possible. Passwords are clearly not practical: they are not always easy to remember, busy users often enter them incorrectly, and they represent a massive administrative burden for the IT department.

The trend is therefore moving towards smartcards or FIDO (Fast Identity Online) tokens, as these offer the perfect balance between security and convenience. The respective individuals authenticate themselves by inserting the hardware component or placing it on the device in question. They can then, for example, view patient data or adjust the medication on a medicine pump. Once they have completed their work, they simply remove their token again and the device is then locked. Another benefit is that information on who made which changes and when can be logged easily and transparently. In cases involving highly sensitive data or settings, multi-factor authentication may be employed in addition. Alongside placing a token on a device, biometric verification such as fingerprint recognition is then required.

Security in hospitals: Identifying loopholes through penetration testing

Before introducing a PKI and IAM, it is a good idea to analyse the current situation first. Penetration testing can pinpoint the gateways vulnerable to cyber attacks and assess the associated threat levels. External IT security providers simulate hacker scenarios to identify system weaknesses. Within the scope of such projects, it is often beneficial to conduct awareness training for the personnel, since the system's security relies heavily on its users.

Authors: Heinfried Cznottka (Director Security Solutions), Gorden Bitter (Sales Director HealthCare) - achelos GmbH