Nuvolo Case Studies Over One Million Patient Visits Rely on Safe Medical Devices: A Case Study on Nuvolo OT Security

Edit This Case Study Record

	Over One Million Patient Visits Rely on Safe Medical Devices: A Case Study on Nuvolo OT Security Nuvolo

Over One Million Patient Visits Rely on Safe Medical Devices: A Case Study on Nuvolo OT Security

Nuvolo

Technology Category	Functional Applications - Inventory Management Systems Platform as a Service (PaaS) - Device Management Platforms
Applicable Industries	Equipment & Machinery National Security & Defense
Applicable Functions	Maintenance Warehouse & Inventory Management
Use Cases	Inventory Management Tamper Detection
Services	Cybersecurity Services System Integration
Challenge	The case study revolves around a large hospital system that provides care for over one million patient visits a year, involving over half a million radiology exams, over 20,000 surgeries, and over 200,000 emergency visits. The system relies on over 15,000 medical devices, half of which are network-connected, including infusion pumps, X-ray machines, and MRI and CT scan equipment. The network-connected devices enable healthcare teams to share health monitoring data and perform remote maintenance. However, with network connectivity comes increased risk to the safety, availability, and accessibility of these devices. Unauthorized persons could exploit vulnerabilities in device software or settings, disrupting the operation of the device or stealing sensitive patient data. The healthcare provider wanted to ensure their medical devices were secure and that any issues were quickly addressed. The healthcare technology management (HTM) team initially had two separate device inventories, neither of which was interfaced with the other, leading to a lack of consistency and common data fields. Read More
About Customer	The customer in this case study is a large hospital system with more than 30 community and school-based clinics. They provide care for over one million patient visits a year, involving a wide range of medical procedures and emergencies. The hospital system relies heavily on a vast network of over 15,000 medical devices, about half of which are network-connected. These devices include infusion pumps, X-ray machines, and MRI and CT scan equipment. The network-connected devices enable the healthcare teams to share health monitoring data and perform remote maintenance. However, the network connectivity also presents a significant security challenge, as unauthorized persons could exploit vulnerabilities in device software or settings, disrupting the operation of the device or stealing sensitive patient data. Read More
Solution	The hospital system recognized the need for a single device inventory to track all devices for their full lifecycle in a consistent way. They implemented the Nuvolo Maintenance solution, which captured detailed information about device owners, device make and model, software version, and device locations. The solution ensured unregistered devices added to the network outside of the intake process were identified early on. To ensure their devices were safe, accessible, and available, they added cybersecurity-specific features such as device discovery, monitoring, bi-directional data integration, and security risk scoring, all integrated with this single inventory. They turned to Nuvolo OT Security, enabling them to correlate security events across devices and automate orchestration with the Nuvolo work order management system to help perform more efficient mitigation on alerts and vulnerabilities. Nuvolo’s security event correlation minimized the overhead of having to analyze, match, and contextualize events across multiple inputs. The final piece was to ensure an automated process to create work orders against security event records, and create a shared dashboard view for the HTM and security operations center (SOC) teams. Read More Log in to view content
Contents

Technology Category

Functional Applications - Inventory Management Systems

Platform as a Service (PaaS) - Device Management Platforms

Applicable Industries

Equipment & Machinery

National Security & Defense

Applicable Functions

Maintenance

Warehouse & Inventory Management

Use Cases

Inventory Management

Tamper Detection

Services

Cybersecurity Services

System Integration

Challenge

The case study revolves around a large hospital system that provides care for over one million patient visits a year, involving over half a million radiology exams, over 20,000 surgeries, and over 200,000 emergency visits. The system relies on over 15,000 medical devices, half of which are network-connected, including infusion pumps, X-ray machines, and MRI and CT scan equipment. The network-connected devices enable healthcare teams to share health monitoring data and perform remote maintenance. However, with network connectivity comes increased risk to the safety, availability, and accessibility of these devices. Unauthorized persons could exploit vulnerabilities in device software or settings, disrupting the operation of the device or stealing sensitive patient data. The healthcare provider wanted to ensure their medical devices were secure and that any issues were quickly addressed. The healthcare technology management (HTM) team initially had two separate device inventories, neither of which was interfaced with the other, leading to a lack of consistency and common data fields.

About Customer

The customer in this case study is a large hospital system with more than 30 community and school-based clinics. They provide care for over one million patient visits a year, involving a wide range of medical procedures and emergencies. The hospital system relies heavily on a vast network of over 15,000 medical devices, about half of which are network-connected. These devices include infusion pumps, X-ray machines, and MRI and CT scan equipment. The network-connected devices enable the healthcare teams to share health monitoring data and perform remote maintenance. However, the network connectivity also presents a significant security challenge, as unauthorized persons could exploit vulnerabilities in device software or settings, disrupting the operation of the device or stealing sensitive patient data.

Solution

The hospital system recognized the need for a single device inventory to track all devices for their full lifecycle in a consistent way. They implemented the Nuvolo Maintenance solution, which captured detailed information about device owners, device make and model, software version, and device locations. The solution ensured unregistered devices added to the network outside of the intake process were identified early on. To ensure their devices were safe, accessible, and available, they added cybersecurity-specific features such as device discovery, monitoring, bi-directional data integration, and security risk scoring, all integrated with this single inventory. They turned to Nuvolo OT Security, enabling them to correlate security events across devices and automate orchestration with the Nuvolo work order management system to help perform more efficient mitigation on alerts and vulnerabilities. Nuvolo’s security event correlation minimized the overhead of having to analyze, match, and contextualize events across multiple inputs. The final piece was to ensure an automated process to create work orders against security event records, and create a shared dashboard view for the HTM and security operations center (SOC) teams.

Impact #1	The implementation of Nuvolo OT Security and the Nuvolo Maintenance solution led to a more efficient and secure system for managing and monitoring the hospital's vast network of medical devices. The solution provided a single, integrated inventory for all devices, capturing detailed information about each device and identifying unregistered devices early on. The addition of cybersecurity-specific features allowed for more effective monitoring and risk scoring, while the correlation of security events across devices helped to prioritize and remediate vulnerabilities and security incidents faster. The automated process for creating work orders against security event records, along with a shared dashboard view for the HTM and SOC teams, facilitated better communication and coordination between the teams. This comprehensive approach to device security helped to reduce risk and ensure the safety, availability, and accessibility of the hospital's medical devices.

Impact #1

The implementation of Nuvolo OT Security and the Nuvolo Maintenance solution led to a more efficient and secure system for managing and monitoring the hospital's vast network of medical devices. The solution provided a single, integrated inventory for all devices, capturing detailed information about each device and identifying unregistered devices early on. The addition of cybersecurity-specific features allowed for more effective monitoring and risk scoring, while the correlation of security events across devices helped to prioritize and remediate vulnerabilities and security incidents faster. The automated process for creating work orders against security event records, along with a shared dashboard view for the HTM and SOC teams, facilitated better communication and coordination between the teams. This comprehensive approach to device security helped to reduce risk and ensure the safety, availability, and accessibility of the hospital's medical devices.

Download PDF Version

Overview

Over One Million Patient Visits Rely on Safe Medical Devices: A Case Study on Nuvolo OT Security

Operational Impact