The system from the partnership integrates Device Authority's KeyScaler platform with the Thales nShield Connect hardware security module (HSM). This delivers a high-level of device authentication at IoT scale, managed end-to-end encryption to meet compliance requirements and certificate provisioning for healthcare and other connected devices. The system will authenticate any new device hardware and establish a strong root of trust and identity on the network. It then provides additional security operations, such as issuing a security token that the device can use to validate itself to other IoT platforms, or provide a unique device key and certificate. The KeyScaler platform delivers automation for critical credential management processes, in addition to tokenized access control and policy-based encryption for data, in transit and at rest. Currently, the system is being piloted with medical devices.
The IoT market in healthcare, otherwise known as 'Connected Health', has boomed in recent years with forecasts predicting it will reach $612bn by 2024. IoT devices have enabled new services from remote diagnosis to disease and lifestyle management via mobile apps to medical device integration. It has transformed the way healthcare is provided, creating both a better level of care and operational efficiencies. However, the healthcare industry is regularly targeted by cybercriminals, with 70 percent of healthcare organizations around the world having experienced a data breach according to the 2018 Thales Data Threat Report. As new technologies are adopted by the healthcare industry, they provide new opportunities for cybercriminals – and the risks are high.
See also: Apple bringing medical records to iPhone