CyberMed•Cloud Network Security Toolset

UPDATE: CyberMed•Cloud is now CypherMed Cloud.

Maintaining Cybersecurity for Medical Device Cloud

As medical devices move into the IoT (Internet of Things) usage model, the security of data is of paramount importance. Sufficient measures and countermeasures are necessary to protect patient and device data throughout the process: collection, transport, processing, access, and retention.

Regulations provide guidance for what must be protected, but not necessarily the means to provide the protection. Securing device and patient data is an ongoing, ever-changing effort where the data and services must be constantly monitored. Records of data access and usage combined with extensive reporting extend cybersecurity through audits and transparency.  Furthermore, predicting and detecting potential intrusions and stopping them before they can happen strengthens the cyber-secure framework to unparalleled levels.

With these in mind, Promenade Software has developed a cyber-secure foundation utilizing tools and resources in a holistic architecture. Security in our foundation comes from a combination of a secure authentication and data encryption design, along with network security. This paper covers network security.

Network Security 

CyberMed∙Cloud employs a variety of tools (listed below) to meet requirements for compliance and for proactive protection of the cloud network infrastructure.  The toolset covers auditing and compliance, security and infrastructure monitoring, and intrusion detection and prevention.  These tools are widely used, industry standard, and highly reliable. The combination of these tools and secure configuration management provides the ongoing cybersecurity for CyberMed∙Cloud.

Figure 1 - Network Security

Security: Prevention and Detection

WAF

Amazon’s Web Application Firewall controls bot traffic and blocks common attack patterns, such as SQL injection or cross-site scripting.

GuardDuty

GuardDuty is a threat detection service that continuously monitors the AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation.

Security Hub

Security Hub is a cloud security posture management service that performs security best-practice checks, aggregates alerts, and enables automated remediation.

Detective

Amazon Detective is used to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. Amazon Detective automatically collects log data from AWS resources and uses machine learning, statistical analysis, and graph theory to build a linked set of data that enables efficient security investigations.

Inspector

Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. After performing an assessment, Inspector produces a detailed list of security findings, prioritized by level of severity. These findings are reviewed directly or as part of detailed assessment reports, which are available via the Amazon Inspector console.

Config 

Config is used to assess, audit, and evaluate the configurations of the AWS resources. It continuously monitors and records AWS resource configurations and supports automation to evaluate recorded versus desired configurations.

Monitoring and Audit Trail

CloudWatch

Amazon CloudWatch provides data and actionable insights to monitor the applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health. CloudWatch collects monitoring and operational data in the form of logs, metrics, and events, providing a unified view of AWS resources, applications, and services that run on AWS. CloudWatch is used to detect anomalous behavior in environments, set alarms, visualize logs and metrics side by side, take automated actions, troubleshoot issues, and discover insights to keep the applications running smoothly.

CloudTrail

CloudTrail monitors and records account activity across the AWS infrastructure, giving control over storage, analysis, and remediation actions. It can be used to prove compliance with regulations such as SOC, PCI, and HIPAA.

Tenable.io

Tenable.io is used to actively identify, investigate, and prioritize vulnerabilities, providing full visibility into the entire attack surface and covering more than 60 thousand vulnerabilities.

Summary

The requirements for maintaining cyber-secure services for medical IoT applications are stringent and vast. These tools and their configurations are a critical line of defense against data breaches and malicious attacks. CyberMed∙Cloud utilizes these tools to provide a safe and secure environment for medical devices and the associated data.

CEO of Promenade Software Frances Cohen
john.morton@promenadesoftware.com
https://www.linkedin.com/in/john3morton/
ABOUT
PROMENADE SOFTWARE

Promenade Software, Inc. specializes in software development for medical devices and other safety-critical applications.
Promenade is ISO 13485, and CypherMed Cloud is SOC2 Type II certified.

© 2022 Promenade Software, Inc.