Imagine you’re the leader of a major health care organisation’s IT operations, and you’ve introduced a brand new electronic health record system that’s transformed the way doctors and patients interact throughout the region. In short, you’ve introduced the abilities for remote care and access, with patient data at the ready.
Now, imagine that advanced network you’ve created for IoT in health care has been breached, all thanks to an unsecured endpoint with no encryption. Suddenly, all that patient data is up for sale on the dark web. Scary, right? No one wants to fall victim to a cyber attack caused by a severe lack of IoT and endpoint security.
This scenario is becoming closer to reality every day for businesses in Southeast Asia. According to a Frost and Sullivan forecast, spending on IoT in the region will increase 35 percent by the time 2020 rolls around—that’s up from US$1.68 billion (S$2.25 billion) in 2015 to US$7.53 billion (S$10.07 billion) in 2020. If you compare with the total Asia-Pacific region forecast of US$79 billion, Southeast Asia takes a relatively large chunk of the pie. And if you zero in on a specific sector, IoT in health care has seen a boost of innovation.
IoT in health care is particularly useful in archipelagic countries, such as Indonesia or the Philippines, as there’s a need for remote monitoring and diagnostics. In these Southeast Asian countries, IoT systems are being implemented mainly by government agencies and startups. For example, Medifi is a startup in the Philippines that runs a cloud-based health profile management platform. In more developed markets, such as Singapore, health care ATMs allow patients to skip the clinic line and get things measured on the go, such as their blood pressure or body mass index.
Know the red flags that come with IoT in health care
While it’s clear that IoT in health care is useful, you need to consider the security risk around patient data. According to Gartner’s principal research analyst Anmol Singh, “IoT security is increasingly becoming a business imperative among mainstream organisations worldwide,” and this perception is based on the “volatility and serious consequences of recent security attacks” against medical health care devices.
Specific risks when introducing IoT to the health care arena may include devices entering hospitals through unknown channels, which is difficult to monitor. To create a safe environment for these IoT health care devices, passwords, encryption, and the latest device software and hardware need to operate under a set of common controls.
According to health care IoT security experts, these controls don’t exist today. What ends up happening without common controls? Stand-alone devices may develop network and connectivity glitches that make health care providers more vulnerable to attacks.
Develop a master plan for securing health care IoT devices
Mike Nelson, VP of health care solutions at US-based security certification company DigiCert, recommends basic security hygiene for securing IoT devices. Just like basic hygiene in humans, these procedures can seem commonplace but are all-too-often overlooked and underused. This includes authentication, encryption, conducting a secure boot, and also taking a full inventory of the devices and applications currently used on your network. If you can make sure you’re on top of all your devices and apps, your IoT health care settings can—and will—be as secure as possible.
As reported in 2016 by Gartner, Singapore and Malaysia have taken the lead in IoT development. This should come as no surprise, as the two nations are considered the most advanced in internet connectivity and user adoption when it comes to technology. In Singapore, the government actively considers IoT to be one of the most important building blocks in realising its Smart Nation vision. Singapore Power has even rolled out an advanced digital platform for the development of IoT services.
As for Malaysia, the government has come up with a comprehensive roadmap, complete with three goals contributing to the nation’s IoT master plan. In terms of job creation, the Malaysian government expects over 14,000 high-skilled jobs to be created by 2020, thanks to IoT development.
With such a boom in IoT development in the Southeast Asia region, these security best practices for any and all devices connected to the network must become second nature for those in health care IT. With patient data on the line and technology advancements soaring, security management is at the forefront of priorities.