CASE STUDY

Securely and Efficiently Adding Hundreds of Wi-Fi Devices to a Medical Facility Network

 

The Challenge

As more devices need to connect to the network in medical facilities, there are a variety of constraints that may prevent traditional cabled network connections from being used. However, many Wi-Fi connectivity solutions available today have inherent enterprise security vulnerabilities and deployment challenges that medical facilities cannot tolerate.

The Solution

To create a highly secure and easy-to-deploy Wi-Fi connectivity solution that can function reliably with a variety of devices in a medical facility, we customized the security features and configuration tools for the SX-BR-4600WAN2 wireless bridge module so that it could meet all the specific needs of this medical facility end user

 

In medical facilities today, a variety of equipment, ranging from networking devices for building control to portable medical devices, needs to connect to the network to optimize operations. With this increased number of connections comes a larger attack surface, or potential points where a security breech could occur. Traditional enterprise security concerns, such as securing information and IT assets against unauthorized access and risks, are becoming more prevalent. Organizations such as the FDA and medical facilities alike are prioritizing the development of new cybersecurity requirements for protecting connected assets.

For one of America’s leading healthcare providers, these exact problems were quickly scaling. With more than 750 medical facilities nationwide that need to add both networking devices for building control and medical devices to their respective networks, this organization, and the integrator they selected, were experiencing multiple challenges with these growing connectivity needs. Let’s explore the top three challenges they were facing and how Silex Technology engineers used their extensive enterprise security experience to navigate each roadblock with an affordable, customized solution tailored to meet the strict cybersecurity requirements of these medical facilities.

 

Challenge 1: The Costs and Logistics of Running Cabled Connections

Since a large amount of sensitive data is generated in medical facilities, network connections are traditionally wired. However, hardwiring equipment to the network was not a good fit for this facility for several reasons. First, the end user needed to connect numerous mobile medical devices such as stroke and crash carts and EKG machines reliably and securely to the network. The mobile nature of these devices meant a wired connection would never work.

Wired connections were also not a viable option for stationary equipment such as devices for building control that needed to be connected. This was because many of the end user’s facilities simply did not have enough space left within the existing conduit to add more cabling (Figure 1). Or, even if the space is available, between the cost of the Ethernet cable and the labor to run the cable, it is often more cost-effective to use a Wi-Fi solution.

Ethernet cables

Figure 1. As shown in this facility, Ethernet cables are generally run through the ceiling, which can be difficult or time consuming to do.

 

However, this requirement for a Wi-Fi connectivity solution can present another logistical problem. For some applications it is difficult to provide power to a Wi-Fi bridge from a wall outlet. One of the key differentiators of the Silex Technology SX-BR-4600WAN2, and why this Ethernet bridge ultimately ended up being a good fit for this end user’s building control networking devices, is that it can be powered through a device’s USB port rather than through a dedicated power outlet.

Between this USB power feature and the general cost effectiveness of this Wi-Fi connectivity solution versus run additional cabling in this facility, it was determined that a wireless implementation was the best solution both from a financial and logistical perspective.

SX_BR_4600WANFigure 2. The SX-BR-4600WAN2 allows any Ethernet-enabled device to join a secure, high-speed network.

 

Challenge 2: Traditional Enterprise Security and Emerging Cybersecurity Concerns with Wi-Fi Solutions

No matter what device needs to connect to the network, or if the connection is wired or wireless, it needs to be done securely, especially in a medical facility. Since the end user of this solution worked with their selected integrator to determine a Wi-Fi connectivity solution was necessary because of limitations for cabling space and mobility needs for some applications, many traditionally wired devices now need to be converted to Wi-Fi with an Ethernet or serial adapter. This conversion presented a variety of new enterprise and cybersecurity threats for this medical facility operator.

As a starting point, the integrator for these facilities first looked at a USB Wi-Fi adapter that a building control equipment vendor offered as the optional accessory for Wi-Fi connectivity. While these Wi-Fi adapters could meet the basic requirement for converting a traditionally wired device to a wireless solution, these adapters lacked many enterprise security features and could not meet the security requirements for these medical facilities. Therefore, the integrator knew it needed a more robust conversion solution and turned to Silex Technology.

To ensure Silex Technology Wi-Fi bridges would meet the strict security requirements of these medical facilities, we provided our bridge modules to the end user to work with a third-party to perform their own cybersecurity audit on our products. As a result of this audit, we made multiple changes to our Wi-Fi bridge module to create a custom solution that everyone could feel confident was a good fit for this high-security medical environment. Additionally, to ensure our customers are continuously protected from cyber attacks, we diligently monitor new threats and regulations and investigate and fix vulnerabilities to address emerging cyber threats – processes that were important to both this end user and integrator.

 

Challenge 3: Reducing Configuration Time for Large-Scale Deployments

For this customer, the integrator had separate projects to configure Wi-Fi bridge modules for numerous COVID-19 thermal screening devices, 80 EKG units, 400 medical carts, and 400 non-medical devices needed for facility-wide energy optimization. Since this organization, like most medical facilities, requires unique security credentials for each network device using Wi-Fi, this was a time-consuming task, which the integrator realized after configuring the first 80 units manually. While Silex Technology does have a remote management tool available for configuring multiple units simultaneously, the tool does not provide unique credentials to each unit.

Therefore, when the integrator was ready to configure the next round of 400 Wi-Fi bridges, they knew it would be a time- and resource-consuming process if done manually, which would translate to an expensive process for the end user. To make Silex Technology’s Wi-Fi bridges a viable solution for this integrator and end user, we created a custom configuration tool with firmware that makes initial device kitting much simpler. This simplified process involved the integrator setting up secure Wi-Fi access points with a specific network ID that was shared with Silex Technology to then pre-program all the bridge modules that needed to connect to that access point with that specific network ID. These bridge modules will connect to the access point as shown in Figure 3 out of the box. We also created unique passwords for each access point and bridge module.

Without this custom configuration tool it took the integrator five to ten minutes to configure each bridge, but this tool reduced configuration time by 80 percent – a huge cost saver for the end user.

Wifi setup

Figure 3. Once the preconfigured access point is connected to the network, all associated bridge modules will automatically connect to the access point.

 

An Affordable, Custom Wi-Fi Connectivity Solution to Meet the Strictest Security Requirements

One of our main goals at Silex Technology is to provide products optimized to securely connect medical devices to medical facility networks using our reliable, secure enterprise solutions. Whether that involves a USB, Serial, or Ethernet bridge connection, Silex Technology engineers can work with any medical facility or integrator to customize our products and their configuration to meet the unique needs of the facility as we did in this instance. As a result, the end user not only ended up with a secure and reliable Wi-Fi connectivity solution, but also saved an immense amount of time and money versus using a wired solution and when it came to the Wi-Fi device configuration.

See how Silex Technology can customize an affordable Wi-Fi-based enterprise security solution for your medical facility.