How Do I Handle Wi-Fi Security with IoMT?
IT teams can’t rely on a single Wi-Fi service set identifier (SSID) for IoT devices. Typically, multiple SSIDs are needed to accommodate different device types and different risk or security profiles. Because devices differ in the wireless security they support, such as WPA2-Personal with a shared pre-shared key versus WPA3-Enterprise with per-device credentials, periodically updating the credentials on each device is a huge burden. The burden matters: on a WPA2-Personal SSID, one compromised or decommissioned device exposes the pre-shared key that every other device on that SSID uses, so those keys must be rotated, not just set once.
IT teams should insist on complete control and thorough documentation for configuring Wi-Fi on every type of IoMT device and must then maintain these wireless configurations through pre-shared key rotations and certificate renewals.
What’s the Best Approach to Mitigating Threats to IoMT?
IoMT devices can’t be trusted like other managed servers or clients, even if they are running on some version of Windows or Linux.
IT teams should assume that IoMT devices have weak security and are easy targets for compromise, and should segment and restrict each device accordingly, unless the vendor is able to prove otherwise and a track record shows that additional trust is warranted.
What Firewall Configuration Is Appropriate for IoMT Devices?
IoMT devices should start with a “block out, block in” security policy on firewalls. IT teams should then add the minimum set of tightly defined rules to allow traffic required for device operation.
Next, IT teams should carefully monitor firewall logs for blocked outbound traffic. A blocked outbound connection means either that a firewall rule or device setting is misconfigured, or that the device is attempting traffic nobody documented, such as undisclosed vendor telemetry or, in the worst case, a compromised device calling out. These blocks should be investigated, documented and resolved. Finally, each outbound or inbound rule should be monitored to verify that it is actually being used. Any rule that never sees traffic should be disabled and the device reverified, so the rule set never grows beyond what the device demonstrably needs.
How Do You Reconcile Regulatory Issues with Patching Requirements?
Tightly regulated industries such as healthcare are often caught between the need to apply security patches promptly and “black box” IoMT appliances for which vendor patches may lag or be completely unavailable for years after deployment. Strict firewall policies combined with firewall unified threat management services (such as an intrusion prevention system that blocks exploit traffic for known vulnerabilities) act as “virtual patching” that can bridge the gap and mitigate the threat. The caveat is that virtual patching only blocks attack traffic the firewall can see and recognize: the vulnerable software is still present, an IPS signature must exist for the specific flaw and protocol, and traffic encrypted end to end or arriving from inside the same segment bypasses the control. It is a compensating control to document and track until a real patch or device replacement is possible, not a substitute for one.