Thales and Device Authority healthcare IoT solution ensures device and data security for medical devices
Thales and Device Authority announce a jointly developed solution to ensure the authentication of IoT devices and the confidentiality and integrity of the data they rely on – giving both healthcare professionals and their patients the confidence to adopt these technologies.
The IoT market in healthcare, otherwise known as ‘Connected Health’, has boomed in recent years with forecasts predicting it will reach $612bn by 2024.
IoT devices have enabled services from remote diagnosis to disease and lifestyle management via mobile apps to medical device integration. It has transformed the way healthcare is provided, creating both a better level of care and operational efficiencies.
However, the healthcare industry is regularly targeted by cybercriminals, with 70 percent of healthcare organizations around the world having experienced a data breach according to the 2018 Thales Data Threat Report. As new technologies are adopted by the healthcare industry, they provide opportunities for cybercriminals – and the risks are high.
“IoT is transforming the healthcare industry and the way healthcare is provided. When you look at medical devices it’s imperative that the right data files from the right consultant go to the right device to instruct it to perform the right procedure, or administer the precise amount of medication, for the correct patient – and there must be no question at any point over the integrity of the data or the medical device. This solution will bring a new level of assurance to both healthcare professionals and patients that the technology being implemented is secured and all data transferred is safe from compromise.”, said Darron Antill, Chief Executive Officer of Device Authority.
“Every day we are seeing how technology in healthcare is helping improve the care that patients receive. However, we have also seen that the healthcare industry is regularly under threat from cybercriminals. Our partnership with Device Authority enables us to solve the device authentication, integrity and data privacy challenges that are impeding IoT deployments, by creating a hardened system for issuing and managing device credentials and keys that are essential to creating a root of trust and enhancing patient safety for customer IoT projects.”, said Cindy Provin, Chief Executive Officer of Thales eSecurity.
The solution from the partnership integrates Device Authority’s KeyScaler platform with the Thales nShield Connect hardware security module (HSM). This provides device authentication at IoT scale, managed end-to-end encryption to meet compliance requirements and certificate provisioning for healthcare and other connected devices.
The solution will authenticate device hardware and establish a strong root of trust and identity on the network. The solution then provides additional security operations, such as issuing a security token that the device can use to validate itself to other IoT platforms, or provide a device key and certificate.
The KeyScaler platform delivers automation for credential management processes, in addition to tokenized access control and policy-based encryption for data, in transit and at rest. The solution is currently being piloted with medical devices.