Are We Over Connected Yet?

Some of us remember when distributed medical devices such as patient monitors had their own dedicated server. That server had one job, to support that manufacturer's medical devices. It was not connected to the enterprise network, in part because there was no network. It did not utilize wireless communication, although there were instances it which it might be susceptible to rogue wireless input. Even the manufacturer could not talk to it remotely. Other functions were not supported by this server. For example, the hospital’s vending machines were on their own.  Only a limited number of people had physical access the these early medical device systems and updating the server required hands on activity by dedicated and trained personnel. (Were updates as common then?). Peripheral people could not cause havoc by downloading malicious software to an unrelated system. Ransomware was not yet upon us because downloading it wasn’t likely. Spying and data gathering were not an issue. If there was a server problem it was self-contained to the system being supported. This could be locally problematic but was ultimately limited. We should note that in a recent municipal ransomware attack in Florida the police and fire systems were not affected because they were physically separate from the main city computer system. We are not told if this was a wise cybersecurity decision or just happenstance, but it turned out to be a good thing. An open question in this regard is whether ...
Source: Medical Connectivity Consulting - Category: Information Technology Authors: Tags: Standards & Regulatory Source Type: blogs