Home | Solution | By Industry | Healthcare Providers

Controlling and Protecting the HDO’s Network Airspace with Aireye

Achieve full visibility, control and immediate protection of your network airspace while ensuring compliance with HIPAA

Controlling and Protecting the HDO’s Network Airspace with AirEye
gartner-logo
Gartner® Recognizes AirEye Technologies as a Sample Vendor in 2022 Market Guide for Medical Device Security Solutions.

Full Visibility

Build and enforce your HDO’s wireless security policy, and prevent violating security regulations and standards.

Control

Ensure that any wireless device in your HDO doesn’t expose your wireless networks to unauthorized network access, device hijacking, ransomware and other malware, segmentation hopping as well as data leakage.

Immediate Protection

Be able to look at the complete HDO’s airspace, identify legitimate connections versus those that do not comply with the security policy, and protect your managed and unmanaged devices from unauthorized connections.

What's in It for You

AirEye Dome enables you to understand the risk posed by your network airspace and allows you to enforce your airspace security policy – ensuring that your devices communicate only on authorized networks and unauthorized devices do not connect to your networks.

Common airspace policy violations at HDOs

  • A physician’s tablet connects to an the cafeteria’s network while taking notes on a patient
  • The operator of an MRI manually connects to the Guest network to send patient data back to the EMR system
  • Patient connects its laptop to the wireless network that is generated by the portable X-ray which is used to communicate with the X-rays corresponding plates
  • The printer in the oncology department is connected to the corporate network but the receptionist turned on also its wireless capability

AirEye Dome provides you with continuous protection of the campus airspace. AirEye Dome monitors the airspace and precisely terminates malicious connections to and from wireless-capable devices, eliminating the threat of the wireless entry points, without any impact on legitimate traffic and connections.

Example of over-the-air attacks at HDOs:

  • Ransomware interjected to the MRI through its wireless capability, exploiting a vulnerability on the MRI device to run remote code execution and render the MRI useless
  • Ransomware introduced to a patient healthcare monitoring platform due to a sensor’s connection to a rogue AP
  • Malware on the physician’s laptop milking out PII information from the EHR system and exfiltrating that data due to the laptop connected to a rogue AP
  • FragAttacks, a software-only remotebased class of attacks where the attacker directly interacts with a medical device behind the firewall, and gains full access to the corporate network without leaving any log traces

AirEye Dome prevents PII data leakage through non-authorized wireless networks, thus helping to comply with the HIPAA regulation.

Common airspace-related HIPAA violations:

  • The physician’s laptop connects to the cafeteria’s open Wi-Fi while also connected to the wired network, exposing all patient documents to every cafeteria network user
  • A medical device technician sends patient examination results on the Guest network making them available to each visitor in the campus
  • Administrator resets the printer’s wireless network to the Guest network and connects and prints patients files

AirEye Dome enforces your airgapped and network segmentation policy by preventing over-the-air hopping between wireless networks.

Examples of over-the-air attacks that defeat network segmentation at HDOs:

  • An attacker takes control of an unpatched wireless ultrasound device in the radiology network, and propagates to the cardiology network via a dual-connected printer residing on the cardiology’s network

  • An attacker takes control of a physician’s laptop in the orthopedics network and uses the Wi-Fi interface to propagate to a Point of Sale device (POS) through its open hotspot and from there into the pharmacy network.