Cybersecurity in healthcare:

how to protect interconnected medical devices

The complexity of medical devices, systems, and applications in a healthcare setting is incredibly vast and heterogeneous and it can include desktops, servers, bedside computer terminals, diagnostic imaging devices, self-service kiosks, implantable medical devices, electronic health record (EHR) systems, management software, PACS systems, medical billing systems, patient portals, public clouds, and often many other outdated systems. This vast array of machines and applications, which doctors rely on to save lives, represents a huge attack surface for the increasingly aggressive and unscrupulous hackers.

When it comes to cybersecurity in the HealthCare industry, it is important to underline that policies typically designed for standard networks are not always applicable to medical equipment and applications.

Since the whole ecosystem requires a validation process that lasts months, the network configuration is usually frozen at a certain firmware and operating system revision, corresponding to the beginning of the certification process. As a consequence, these systems cannot be promptly updated with the security patches released by the software vendors and their vulnerability exposure becomes higher and higher. Often there aren’t the adequate conditions to realize a private and protected network inside the hospitals, and therefore, if the appliances need be reached remotely, they become exposed to the risk of Cryptolocker, Ransomware and Malware attacks, with the possibility of tampering or theft of patients’ sensitive data.

Last but not least, healthcare institutions must comply with very stringent regulations and require manufacturers of equipment, instruments and applications to provide fully compliant supplies.

There are technologies that overcome these challenges by combining network perimeter protection, machine security, and regulatory compliance with remote access, monitoring, data collection, and analysis of the medical device. Among the vendors that can offer all this is Endian, which makes the Internet of Medical Things (IoMT) more secure and cutting-edge with its multifunctional digital platform.

Endian solution consists of a central software (core) and gateways in the field (edge/field), scalable and adaptable to the needs of different medical/healthcare realities.


The Endian Connect Platform management software allows remote access to geographically distributed machines, making it possible to perform various operations in a centralized manner, without the need to go to the physical location of the machine; in addition, the network administrator can assign access permissions and different levels of authorization, identifying the machines on which operators can intervene with permitted actions, preventing unauthorized personnel from accessing sensitive and privacy-protected data and information. The intuitive and easy-to-use system reduces administrative burdens, travel and on-site intervention costs, and significantly increases staff efficiency. The field component consists of Endian 4i Edge, advanced and cutting-edge IoT security gateways, each positioned on a medical device to be interconnected in a protected manner. A secure VPN tunnel is established through the Gateways, within which data is exchanged in real time. Thanks to this connection, operations are performed remotely and at the same time information on the status of the machinery is stored. This information is then used to plan interventions in a targeted manner, optimizing the use of employees. The Endian 4i Edge gateway also creates an encrypted network between the various devices and possible LIS servers inside the hospital where communication will take place in an encrypted way. Also, due to its Firewall and Intrusion Prevention System functionalities, it segments the network isolating the medical device from the network of the healthcare structure, preventing attacks and intrusions from the outside.

The hospital IT will receive detailed information about the connection of the devices and their operation, and thanks to the logging features of Endian Connect Platform it will be able to request a detailed audit of the actions carried out by the staff remotely.


On the IoT Gateways there is a Data Collection module that supports the main communication protocols (MQTT) and is therefore able to collect and transmit data on the use, consumption and performance of the medical device to the central Switchboard platform, which processes them on a customizable dashboard.

Finally, among the features of the 4i Edge gateways, the availability of LTE connectivity, which provides an additional "network isolation" option to protect the medical instrument and the hospital network. In addition, you can use the Plug&Connect functionality to perform centralized provisioning, reducing the need for technical expertise for field personnel, which is particularly appreciated in the medical field.

The use of a complete solution that integrates cybersecurity, remote management of equipment and Big Data Analytics benefits the entire ecosystem that revolves around the healthcare facility.


The protection of the network itself from attacks and the adherence to the regulations are the prerequisites to efficiently manage the services provided to the patients, but also the assistance and maintenance activities on the medical devices.  Previously the reactive logic prevailed with respect to attacks, violations and service interruptions, today we have realized that IT incidents and "downtime" cost healthcare more than any other sector, both in economic terms and in terms of human lives.

The certainty of having a safe network allows businesses to operate in a preventive fashion, with proactive monitoring and intervention before the breakdown. This inevitably leads to increased productivity and reduced expenses which creates a more successful business.


Start Your Digital Transformation

  • Use a minimal investment to justify your overall IoT project and understand the value of digitalization
  • Collect and analyze machine or device data in your environment with your team
  • Zero setup and infrastructure changes required, we do the work
  • Play around with your data and build your own dashboards to visualize information in new ways
  • See immediate results in terms of potential project and business impact

Endian achieves IEC 62443 Certification

Endian is proud to announce that the Secure Digital Platform (Switchboard and 4i Edge X) are IEC 62443 certified for both 62443-3-3 (System Security) and 62443-4-2 (Component Security) at SL2 security level. This certification ensures that customers using the Endian Secure Digital Platform are able to meet or exceed the industry standard for industrial and automation cybersecurity.

Download Certification