Over 150 Total Lots Up For Auction at One Location - CA 05/31

Healthcare devices vulnerable due to legacy Windows operating systems: survey

by Thomas Dworetzky, Contributing Reporter | May 21, 2019
Health IT
California-based Forescout Technologies has reported that healthcare is “riddled with devices running legacy Windows,” and that “71 percent of Windows devices will no longer be supported by Microsoft in January 2020.”

The researchers determined that these legacy Windows systems were mostly Windows 7, Windows 2008 or Windows Mobile.

The San Jose-based firm based its conclusions on analysis of data in its Forescout Device Cloud — one of the world’s largest databases of anonymized data, from over 8 million healthcare devices of more than 1,000 customers.

“The Forescout Device Cloud provides us with game changing data from millions of devices around the world, and what we are releasing today is just the tip of the iceberg,” said Elisa Costante, head of Operational Technology (OT) and Industrial Technology Innovation at Forescout in a statement. “Our findings reveal that healthcare organizations have some of the most diverse and complex IT environments, which are compounded due to compliance risks. Every time a patch is applied, there is concern around voiding a warranty or impacting patient safety. These organizations are dealing with lifesaving devices and extremely sensitive environments.”

Other findings from the survey included that:
  • The traditional computers account for 53 percent of all devices on medical networks.

  • IoT (Internet of Things) devices make up 39 percent and include VoIP phones, network printers, tablets and smart TVs.

  • OT (Operational Technology) systems, such as critical care systems, building automation systems, facilities, utilities and physical security, account for eight percent of all networked devices.

  • The most common OT devices are for patient tracking and identification systems (38 percent), infusion pumps (32 percent), and patient monitors (12 percent).

Other operating system woes include a sprawling diversity of vendors and software that adds complexity and hacking vulnerabilities. In fact, “40 percent of healthcare deployments had more than 20 different operating systems,” according to Forescout. Roughly 60 percent of systems are Windows, but the other 40 percent include a mix of mobile, embedded firmware and network infrastructure. The level of complexity is highlighted by the conclusion that “30 percent of healthcare deployments had 100 or more device vendors on their network,” the report found.

“Patching in healthcare environments, especially acute care facilities, can be challenging, and require devices to remain online and available,” advised the researchers, adding that, “some healthcare devices cannot be patched, may require vendor approval, or need manual implementation by remote maintenance personnel.”

You Must Be Logged In To Post A Comment