Support Site

News

Securing Wireless Infusion Pumps in Healthcare Delivery Organizations

by

New Collaborative NIST Cybersecurity Guidance for Securing Wireless Infusion Pumps

Over the last several months, TDI Technologies has been working closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on a healthcare cybersecurity project for securing wireless infusion pumps.

The NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity challenges. I’m excited to share that the NCCoE has just released a draft practice guide, titled NIST SP 1800-8, Securing Wireless Infusion Pumps in Healthcare Delivery Organizations.

The guide explores methods that healthcare delivery organizations (HDOs) can use to address assets, threats, and vulnerabilities by completing a questionnaire-based risk assessment to apply security controls to the pump ecosystem, creating defense-in-depth protection against a range of risk factors. The guide also maps security characteristics to standards, guidance, and best practices from NIST, other standards organizations, and the Health Insurance Portability and Accountability Act (HIPAA) Security Rule.

To complete this guide, NCCoE also collaborated with technology vendors including: Baxter Healthcare; B. Braun Medical; Becton, Dickinson and Company (BD); Cisco; Clearwater Compliance; DigiCert; Hospira Inc., a Pfizer Company (ICU Medical); Intercede; MDISS; PFP Cybersecurity; Ramparts; Smiths Medical; Symantec; TDi Technologies.

The draft is available for download on the NCCoE website. Please share your thoughts on this step-by-step guide with NCCoE to help make it better.

This practice guide can help healthcare delivery organizations reduce their risk by showing how commercially available technologies, like TDi Technologies, can be used to improve the security of a wireless infusion pump ecosystem within a healthcare delivery organization. The NCCoE and we think the guide helps meet a critical cybersecurity need, but we’d like to hear from you.

Download the guide and provide your thoughts on the NCCoE website.

Thank you,
The Team at TDI Technologies

*While the example implementation uses certain products, including TDI Technologies, NIST and the NCCoE do not endorse these products. The guide presents the characteristics and capabilities of those products, which an organization’s security experts can use to identify similar standards-based products that will fit within with their organization’s existing tools and infrastructure.

Improved Baseline Configuration Management with ConsoleWorks 4.7

by

The recent release of ConsoleWorks Version 4.7 includes a number of new and improved features, including new functionality added to ConsoleWorks Privileged Access Management, Monitoring, and Logging Platform for ensuring auditable security-centered operations of heterogeneous IT environments.

Today I want to talk about the ConsoleWorks Baseline Configuration Management solution. This solution automates the collection of device configurations, allowing administrators to define a master baseline. The current configuration, which can be checked manually or scheduled, is automatically compared to the master – if there are any changes, administrators are automatically alerted. This new feature eliminates the majority of human errors and minimizes the impact of both intentional and unintentional erroneous activity.

The ConsoleWorks Baseline Configuration Management solution addresses key security regulations pertaining to notification of device configuration changes. It can be configured to monitor active ports, services enabled, account & account permissions, installed software & patches, configuration files, and more. Of course, everything that’s monitored is also logged, providing records of changes to the defined baselines that can be used in the event of an audit.

View Datasheets in Resources

Persistent Monitoring and Management with ConsoleWorks

by

ConsoleWorks is an enterprise-class solution that monitors and manages computer and network infrastructure. It watches information coming from all parts of a networked environment and, in real time, extracts key events and notifies support staff. It can, in response to these events, connect staff to the problem source and /or launch utilities to resolve many issues without human intervention.

Device Monitoring

Virtually all computer, network, and similar devices have a communication port through which these devices send boot and status messages. Usually, this console information is lost because it is impractical to monitor and respond to the geographically scattered computing infrastructures common in modern-day businesses.

ConsoleWorks stops this data loss by bringing all the once-discarded console information, status updates, error messages – basically, everything in the data stream – back to a single, web-enabled server, looks it over and responds intelligently.

  • ConsoleWorks maintains a persistent connection to an asset’s communication port, also known as:
    • Serial console port
    • Service processor
    • Baseboard management controller (BMC)
    • Management frontend
    • Chassis management system
  • Manages any information source that sends text data out its console port and allows connections through that same console port
  • Monitors any information source that sends text data using Syslog or SNMP traps
  • Scans incoming, unsolicited text and compares it to the knowledge base, declaring Events when a match is made
  • Logs all communication to and from the asset

Persistent Connection | Access Management | Privilege User Monitoring

ConsoleWorks maintains a persistent, secure connection to physical and logical infrastructures to monitor user actions, machine state activity, and all defined incidents worth knowing about. ConsoleWorks also implements various levels of physical and logical security to provide necessary – and often required – protective measures. The solution can be programmed to trigger pre-defined, real-time, enterprise-wide responses to security incidents. ConsoleWorks enables strong password implementation, access restrictions by task, by role, and by policy, and user authentication internally (through username/password protocols) and externally (from sources including Windows® Active Directory Domain Services, PAM, and RSA® SecurID®).

The platform supports a robust task-based/role-based privileges model based on user-defined Access Control Rules. Access Control rules enable administrators more granular and graduated control over what specific users can do inside ConsoleWorks and how they can use the solution to access and interact with managed assets.

Access Control with ConsoleWorks

by

Privileged Interactive Access utilizes multiple approaches to control access to managed devices. Each approach focuses more precisely, giving greater and finer controllability down to the keystroke security.

Authentication – With ConsoleWorks, there are two non-exclusive ways to use authentication to control access:

  • User-to-ConsoleWorks authentication
  • ConsoleWorks-to-Asset authentication

Role-based Privileges – The ConsoleWorks privileges model enables the ability to associate privileges with roles, rather than with specific users, freeing you to associate these privileged roles with multiple users as needed. The ConsoleWorks privileges model provides access with sublime granularity.

Command Control – provides authority over what a user can do with an asset. Some users may be granted unfettered access, or controls can be placed on every character typed and every command.

 

See Resources for More Information

Managing Privileged Access with ConsoleWorks

by

ConsoleWorks is an enterprise-level privileged access portal that monitors, manages, logs, remediates, reports, and secures physical (routers, switches, servers, etc.), logical (SANs and applications, for example), and virtual infrastructure at the lowest level, in all machine states, including operating, service, configuration, and maintenance modes.

ConsoleWorks Privileged Interactive Access functionality provides the foundation for security and operations to the automation and integration platform.  Once ConsoleWorks has knowledge of the various devices, it basically has the ability to take the place of a human in performing many of the mundane functions that may be required.

In addition to the fundamental Access features built into the core product, having access enables ConsoleWorks to perform Asset and Configuration Monitoring more comprehensively versus today’s manual processes. Once ConsoleWorks has access, it performs automated Endpoint Password Management on IT or OT assets.  It aggregates any and all log files to provide true Situational Awareness by interlacing those logs, line-by-line and applying a common time stamp.

Finally, with the robust Asset and Configuration Monitoring, ConsoleWorks Patch Gap Analysis has the configuration information retrieved directly from each device – the most accurate source of the information.

Privileged Interactive Access is the power that drives the integrated functionality of the ConsoleWorks platform.

Instead of putting agents on your systems, ConsoleWorks uses a unique blend of connectors, centralized web servers, and out-of-band technologies to implement a robust, high availability, lights-out management solution. ConsoleWorks is designed to minimize operational disruption and mean-time-to-repair, and includes the following features:

  • Agentless Monitoring
  • Log Aggregation
  • Audit & Compliance Reporting
  • Session management
  • Command Control
  • Event Management

For more information on managing privileged access with ConsoleWorks, download: Secure Interactive Access NERC CIP -005

Related Posts:

Persistent Monitoring and Management with ConsoleWorks

 

 

End-to-End Monitoring & Management with ConsoleWorks

by

ConsoleWorks acts in a multi-dimensional fashion by monitoring not only the applications but also the servers, virtual machines, networks, and storage devices that run them. It provides managers and administrators with an end-to-end management solution that controls system access, monitors and manages all log files, and watches for specific events that may occur across the Enterprise.

And it does all of this in real-time and in all machine states – power on, single user, maintenance, production, and failure modes. This persistent connection also locks down the “back door” entrances that are overlooked by similar, agent-based solutions.

The end-to-end view provided by ConsoleWorks helps administrators understand why something went wrong and quickly determine and implement the resolution. During that process, ConsoleWorks captures the exact steps used by an experienced administrator to remediate an issue and stores it in the knowledge base for future reference.

ConsoleWorks achieves end-to-end monitoring and management with the following capabilities:

  • Secure Access Management
  • Event Correlation
  • Log File Aggregation
  • Keystroke Logging & Best Practices
  • Proof of Compliance

ConsoleWorks automates the collection, comparison, alert/notification and auditing of any changes to configuration baselines, eliminating the majority of human errors and minimizing the impact of intentional or unintentional erroneous activity.

ConsoleWorks has the ability to speak multiple protocols (including serial), gaining access to and then collecting the inventory is a fundamental capability of the product.  ConsoleWorks does this without adding an Agent to the endpoint, which is a requirement in the ICS environment since many of these devices are purpose-built and cannot have other vendor software installed on it.

ConsoleWorks can be configured to monitor many items including:

  • Functional settings that determine how the asset operates
  • Versions of software currently installed including BIOS, firmware, operating system, applications, etc.
  • Patches, including security patches that are installed
  • Ports that are active and how they are configured
  • Services that are enabled
  • Accounts
  • Configuration Files

Configuration Monitoring Datasheet

Configuration Monitoring NERC CIP 010

We can help

Reach out today, and we'll talk through how we might be able to help!

Contact us