North Lincolnshire and Goole NHS Foundation Trust Reduce IoT Risk and Achieve DSP Toolkit Compliance with Axonius
North Lincolnshire and Goole NHS Foundation Trust (NLG) have hospitals that provide services to more than 450,000 people across North and North East Lincolnshire, East Riding of Yorkshire, East and West Lindsey in the United Kingdom. Every year, NLG hospitals attend to more than 135,000 people in their emergency departments, whilst also delivering more than 4,500 babies, carrying out around 30,000 operations and employing 6,800 staff members.
Key Challenges
Lack of visibility into hyper connected IoT and IoMT environments
IoT and IoMT out of the scope of existing IT security solutions
Need to incorporate IoT devices within overall Data Security and Protection (DSP) Toolkit compliance
Axonius provides us with an unprecedented level of detail and understanding of our otherwise relatively unknown estate of IoT and medical devices, profiling risks that we would have otherwise not known about and their potential impact on our hospitals.... Prioritising and automating the mitigation steps to secure our environment—Axonius is doing all the heavy lifting.
The Axonius Solution – Proactive Healthcare IoT Risk Reduction and Remediation
NLG recognised the inherent risks to patient safety and their operational capability as a result of their IoT and medical devices. They undertook an analysis, and after evaluating various technologies, they concluded Axonius’s dedicated healthcare Zero Trust and visibility solution was the best fit.
The Axonius for Healthcare platform automates end-to-end and continuous asset discovery and secures every connected medical, IoT and OT system without any software, agents or network scanning, prioritising devices delivering patient safety and confidentiality and without hospital service disruptions. The solution covers every threat vector with proactive and pre-emptive attack prevention tools, automated risk reduction, threat mitigation, and step-by-step remediation programs built on the NIST Zero Trust framework to provide Rapid Risk Reduction (RRR) within healthcare IoT.
Clinically intelligent monitoring and threat detection identifies and profiles all connected medical, IoT, and OT devices on the network. The platform’s healthcare-specific AI helps pinpoint and identify anomalous connections. To ensure quick and safe threat remediation, Axonius threat mitigation modelling automatically creates operationally safe mitigation plans with custom security policies healthcare teams can test, validate, and edit within its virtual segmentation validation sandbox before the solution enforces them on the network.
DSP Compliancy
IoT and IoMT are typically the most vulnerable devices on any hospital network, and security tools such as network scanners are not able to provide the required visibility or real-time behavioural analysis. As a result, these types of devices are often not factored into an organisation’s DSP submission. Utilising Axonius’s dedicated DSP dashboard, the team at NLG not only understand their level of compliancy for over 30 evidence items, but the necessary remediation steps to achieve compliancy are also prioritised by criticality and impact on patient safety. Compliance can further be achieved by utilising Axonius’s Zero Trust policy creation engine to dynamically enforce Zero Trust policies and other mitigation tactics where relevant.
The Axonius solution takes vast quantities of our data and distills it into prioritised multi-departmental actions that are manageable for our teams. We aren’t presented with a dashboard of equally weighted overwhelming emergencies; instead, our vulnerabilities are curated and prioritised so we know exactly where to start
Results
Risk Prioritization & Mitigation: NLG can now prioritize risk by criticality and automate mitigation at scale, quickly identifying and remediating vulnerabilities.
DSP Toolkit Compliance: The Axonius platform provides a real-time view into DSP compliance, detailing devices and necessary remediation steps. It helps hospitals integrate healthcare IoT into their DSP Toolkit submission, addressing the vulnerability of these devices.
Enhanced Visibility: The solution offers an unprecedented level of detail and understanding of their IoT and medical device estate, profiling previously unknown risks.
Proactive Threat Detection: Clinically intelligent monitoring identifies and profiles connected devices, using AI to pinpoint anomalous connections.Safe Remediation: Axonius automatically creates operationally safe mitigation plans and custom security policies that can be tested in a virtual segmentation validation sandbox before enforcement.
Get Started
Discover what’s achievable with a product demo, or talk to an Axonius representative.