Ivanti Blog: Posts by

How to Safeguard Healthcare Data in ITSM: Ivanti and Protecto

Mon, 02 Jun 2025 17:00:31 Z

The healthcare sector, perhaps more than any other, needs to scrutinize the balance between data utility and data privacy. Healthcare organizations must manage large amounts of sensitive data while complying with stringent regulations such as the Health Insurance Portability and Accountability Act (HIPAA). For IT teams seeking to implement AI-augmented service management, that responsibility weighs heavily.

A notable recent incident involved over four million customers affected by a data breach at Blue Cross Blue Shield, where Google Analytics had been configured in a manner that allowed member data to be shared with Google Ads, likely including protected health information.

Forward-looking IT leaders want to take advantage of advanced IT service management capabilities to improve operational efficiency, including emerging AI applications. But to avoid becoming the latest headline, they also need the highest standards of data protection. In this article, we’ll go into how Ivanti integrates with Protecto to do just that.

Where healthcare compliance and AI intersect

The myriad regulations that healthcare organizations must follow (HIPAA, GDPR, CCPA and others) are designed to protect patient data and ensure that it is handled securely and ethically. Data security and privacy are fundamental aspects of patient trust, and noncompliance can result in significant fines and legal actions.

At the same time, AI and ML technologies require access to large datasets – data that may include sensitive information that is subject to these stringent requirements. To add another layer of complexity, healthcare organizations are often large and complex, with multiple departments and locations, which means any data privacy solutions need to be able to scale without compromising performance.

Healthcare requirements for ITSM

IT organizations that want to take advantage of advanced ITSM use cases without fear of compromising data privacy have specific requirements – requirements that the integration between Ivanti Neurons for ITSM and Protecto deliver.

Data masking

Intelligent data masking identifies and masks sensitive information such as PII and PHI. This lets AI agents operate on data without exposing sensitive elements, preventing data leaks and reducing misuse. Additionally, data masking ensures that the context and utility of the information remain intact, enabling effective analysis and decision-making.

Role-based access controls

Role-based access controls and policy-driven unmasking ensure data is only accessed by authorized users with appropriate roles. Only users with the necessary permissions can access or unmask sensitive data.

Audit trails

To comply with regulations, healthcare organizations need a comprehensive audit trail of how sensitive data is accessed, used and protected. Detailed logs simplify compliance workflows and support regulatory audits.

Seamless integration

Protecto integrates with Ivanti APIs, which allows existing processes to remain uninterrupted – and for IT teams to deliver the best possible service – adding a layer of protection without disrupting operations.

Scale

A single instance of Protecto can support over 3,000 tenants, safeguarding the data of millions of users. It can handle large-scale deployments while maintaining operational resilience, making it a reliable choice for AI initiatives.

Ivanti and Protecto’s partnership

The partnership between Ivanti and Protecto brings immense value to Ivanti customers in highly regulated sectors with heightened data privacy concerns.

Already available features such as custom masking policies, on-premises and private cloud alternatives, and improved audit logs and reports ensure customers can meet compliance requirements with confidence.

Our commitment to research and development in AI, machine learning and data protection mean customers will always be at the forefront of managing large-scale datasets.
Our work with healthcare organizations, regulatory bodies and technology partners helps customers put in place practical data protection solutions without compromising IT efficiency.

Combining Ivanti Neurons for ITSM with advanced data security and privacy features ensures that our customers’ ITSM operations are both efficient and compliant with the most stringent guidelines, whether they’re in the healthcare industry or any other highly regulated field.

Ivanti’s partner ecosystem

Ivanti works with a wide range of technology partners like Protecto to help customers make the most of their investment in Ivanti solutions. To learn more, visit the Ivanti Partner Markeplace.

Grand Bank's Success Story: Enhancing Vendor Management with Ivanti's External Attack Surface Management Solution

Wed, 11 Dec 2024 17:40:59 Z

In today’s dynamic cybersecurity environment, effectively managing vendor relationships is crucial for protecting digital assets. According to PwC’s 2022 Global Digital Trust Survey, 75% of executives reported that their organizations are overly complex, leading to concern about cyber and privacy risks.

Grand Bank, a prominent financial institution, faced similar challenges in monitoring and mitigating risks with its vendors. To address this, they partnered with Latest Solutions to implement Ivanti’s External Attack Surface Management (EASM). This provided Grand Bank with improved visibility into vendor security, streamlined onboarding and improved their overall cybersecurity program.

Overcoming vendor security challenges

Maintaining strong vendor relationships is crucial for safeguarding an organization’s digital assets. Grand Bank encountered significant difficulties in securing its vendor ecosystem. The adoption of External Attack Surface Management (EASM) addresses the need to identify and mitigate risks linked to an organization’s extended digital environment, encompassing third-party vendors and partners.

By deploying EASM solutions, companies can achieve enhanced visibility into their vendors’ external attack surfaces, thereby reducing overall cybersecurity risk and strengthening supply chain security.

Before adopting Ivanti's EASM solution, Grand Bank carried out vulnerability assessments and penetration tests on their internal systems. "As we moved to the cloud, it became evident that this approach was necessary for our cloud assets and vendors as well. Evaluating vendor security proved especially difficult. We required a method to assess our vendors' security stance," said Robert Hanson, CTO of Grand Bank.

The bank's previous vendor security procedures were outdated and inefficient, increasing the bank's vulnerability to security threats. Forrester highlights that EASM is crucial for thorough due diligence, especially during mergers and acquisitions, where uncovering hidden vendor assets is vital for assessing risk.

To address these challenges, Grand Bank opted for Ivanti’s EASM solution. It offers an automated, comprehensive vendor management approach that continuously monitors vendors' attack surfaces, assesses and mitigates risks. With Ivanti's EASM, the bank has streamlined vendor onboarding and greatly enhanced exposure management. To further bolster their security measures, Grand Bank also engaged one of Ivanti’s strategic partners, Latest Solutions, to assist with the implementation.

The value of the latest solutions partnership

2018, the collaboration between Grand Bank and Latest Solutions has been mutually beneficial. Combining their industry knowledge with Latest Solutions' cybersecurity expertise, the Grand Bank implemented Ivanti’s EASM solution to improve vendor security management. This partnership allows Grand Bank to continuously monitor and assess vendor risks, streamline onboarding, and mitigate third-party threats, thus strengthening its overall cybersecurity framework.

Additionally, it helps Grand Bank comply with regulatory standards, protect sensitive data and maintain client trust. This partnership has notably improved Grand Bank's security and that of its vendors.

Moreover, the continuous support and technical expertise provided by Latest Solutions has enabled Grand Bank to stay ahead in the rapidly evolving cybersecurity landscape. The collaboration ensures that Grand Bank remains resilient against emerging threats, thereby securing its operations and improving stakeholder confidence.

The strategic alignment between the two organizations has fostered a proactive approach to cybersecurity, creating a robust and reliable vendor management system. This seamless cooperation has been exemplified through the effective implementation of Ivanti's EASM solution, as detailed in the following use case.

"EASM is a pretty easy lift from a partner's perspective as a lot of the lift comes from the product itself in the background. Four hours and you're up and running...pulling data and it just gets more fine-tuned...it's basically doing something that would take a team to do for your organization," said Jared Carver, President of Latest Solutions.

Vendor management use case of Ivanti's EASM solution

Grand Bank's implementation of Ivanti's External Attack Surface Management (EASM) solution follows a multi-phased approach that has greatly improved their cybersecurity posture. Initially, Grand Bank used Ivanti EASM to assess its assets, uncovering unknown vulnerabilities and gaining a comprehensive overview of its security landscape. This self-evaluation serves as the foundation for a more robust and informed vendor management program.

In the second phase, Grand Bank focused on evaluating the security posture of their existing vendors. By using Ivanti's EASM, they gained unprecedented visibility into their vendors' attack surfaces, identifying potential risks and vulnerabilities that had previously remained undetected. This included insights from the dark web, providing a deeper understanding of exposure management and enabling Grand Bank to take proactive measures to mitigate potential threats.

The ability to continuously monitor their vendors' security postures ensured that Grand Bank could swiftly address any issues, thereby fortifying their overall cybersecurity stance.

The final phase involved integrating EASM into Grand Bank's pre-onboarding checks for potential vendors. This streamlined the vendor onboarding process, ensuring that only vendors meeting stringent security standards were brought on board. The continuous monitoring capabilities of EASM also facilitate efficient offboarding, reducing the risk of residual vulnerabilities from former vendors.

This not only saved time and resources but also ensured compliance with industry regulations, a crucial aspect of GRC (Governance, Risk and Compliance).

Robert Hanson explains their approach: "If I'm going to check my vendors, why don't I just check my vendors before I onboard those vendors? So now it's part of our TPRM (Third-Party Risk Management) process where we're redrafting our policy and procedures. As we're looking at bringing vendors on board to work with us, we're going to thoroughly assess them before granting approval. This proactive strategy sets the stage for using some of the advanced features that Ivanti’s EASM solution offers.”

Key features and benefits of Ivanti's EASM Solution

Ivanti's EASM solution has revolutionized the way organizations handle vendor management and cybersecurity. One of its most significant strengths is its ability to offer detailed recommendations for addressing vulnerabilities, making it particularly helpful for organizations with limited cybersecurity resources. This feature allows organizations to improve their vendor security without requiring additional personnel.

Another advantage of Ivanti's EASM is its use of CVSS scores to prioritize and resolve security issues effectively. By providing a standardized method for assessing vulnerabilities, organizations can concentrate on the most urgent threats. This feature is crucial in optimizing resource allocation and ensuring prompt resolution of critical issues.

According to Robert Hanson, “Ivanti's EASM reporting capabilities are regularly presented to the risk group and board, providing an overall picture of the bank's and its vendors' risks. It's a crucial solution in balancing the delivery of innovative products while safeguarding the bank's data and assets.”

Furthermore, Ivanti's EASM solution promotes collaboration between organizations and their vendors to improve security. This approach streamlines the vendor onboarding process, thanks to continuous monitoring and actionable insights provided by the solution. This encourages vendors to understand their vulnerabilities and take proactive measures to mitigate risks.

Jared Carver, President of Latest Solutions, notes that “Ivanti's EASM is effortless to implement from a partner's perspective, as most of the work is done by the product itself in the background. It eliminates the need for a dedicated team to manage these tasks for the organization.”

Besides these features, Ivanti's EASM solution also ensures compliance with GRC guidelines. By offering comprehensive exposure management, the solution enables organizations to meet industry standards and regulations.

This not only minimizes the risk of non-compliance penalties but also builds trust with customers and partners. The user-friendly and practical benefits of Ivanti's EASM solution make it an ideal choice for businesses seeking to improve their cybersecurity and vendor management strategies.

Plans for Ivanti EASM

Grand Bank’s implementation of Ivanti’s EASM solution hasn't only improved their current cybersecurity posture but also established a framework for a more secure tomorrow. The bank is strategically planning to deepen the integration of EASM within their GRC processes, creating a comprehensive security framework that's both resilient and flexible. This alignment will ensure that every facet of the bank’s operations, from internal controls to vendor partnerships, meets the highest security standards and regulatory mandates.

Looking ahead, Grand Bank plans to further integrate EASM into their GRC processes to create a more holistic security framework. This will ensure that all aspects of the bank’s operations, from internal controls to vendor relationships, are aligned with the highest security standards and regulatory requirements.

The bank will also use EASM to enhance their vendor management practices. Regular security assessments will be a cornerstone of their strategy, ensuring that vendors are continually evaluated, and risks are mitigated in real time. This proactive approach will help in vendor onboarding and maintaining strong, secure relationships with existing vendors.

As Grand Bank continues to move more of its services to cloud-based platforms, the role of EASM becomes even more critical. The solution will be key in identifying and mitigating risks that result from this transition, ensuring that the bank’s vendor security posture remains strong. By continuously monitoring the external attack surfaces of their vendors, Grand Bank can proactively address potential threats, thereby protecting their assets and maintaining customer confidence.

Additional resources and support

For more information on Ivanti, exposure management and how our solutions can benefit your organization, visit the Ivanti website. Additionally, to find an authorized partner for support, visit the Ivanti partner area online. Last, join our upcoming live webinar with Ivanti and Grand Bank on December 12th, focusing on proactive protection through Exposure Management, featuring practical advice on improving your cybersecurity posture.

This blog post was enhanced by the contributions of Kalyan Vishnubhotia.

Changing IT Service Management: East Coast City’s Journey with Ivanti’s Enterprise Service Management Solutions

Tue, 26 Nov 2024 16:08:57 Z

In every city, a complex web of technology ensures seamless operations. Imagine the chaos if traffic lights or the subway stopped functioning. Information Technology Service Management (ITSM) plays a crucial role in maintaining urban environments and preventing city-wide disruptions.

Recognizing this, the City embarked on a journey to transform its ITSM capabilities, creating a blueprint for future enterprise service management. By transitioning to Ivanti’s Enterprise Service Management (ESM) solutions and partnering with T4S Partners, the city addressed the limitations of its previous system and introduced functionalities that better align IT with broader business objectives.

The City faced significant challenges with its existing ITSM system, which became difficult to manage and scale. Relying on a highly customized Cherwell Service Management (CSM) platform approaching its end-of-life, complexities and fragmented data across multiple sources led to inefficiencies, hampering operations and strategic decision-making.

Despite the challenges, the benefits were significant, such as improved service delivery and quality of life for residents. Advanced automation capabilities and a comprehensive Configuration Management Database (CMDB) streamlined IT operations and laid a robust foundation for future digital transformation. The successful ITSM migration not only improved day-to-day operations but also set a precedent for future technological progress. To achieve a successful migration, the first phase focused on a comprehensive project plan aimed at elevating Information Technology Service Management (ITSM) capabilities.

ITSM Migration Project Overview

Mission:
- Elevate Information Technology Service Management (ITSM) capabilities.
Goals:
- Integrate key systems.
- Enhance process maturity.
- Leverage automation.
- Bolster portal and reporting capabilities.
- Streamline IT operations.
- Align IT services with the city's business goals.
Platform Selection
- Chosen Platform: Ivanti's Enterprise Service Management (ESM) solutions.
- Key Features:
  - Robust capabilities.
  - Scalability.
  - Proven track record in large-scale implementations.
  - Comprehensive Configuration Management Database (CMDB).
  - Advanced Change Management capabilities.
Implementation Partnership
- Partner: T4S Partners, a Premier Channel Sales Ivanti partner.
- Role and Requirements:
  - Deep understanding of Ivanti's offerings.
  - Navigated migration complexities.
  - Ensured seamless implementation without disrupting existing operations.
  - Key to achieving improved process maturity and service delivery.

To further enhance these successes and future impacts, the City undertook a strategic migration to Ivanti's ITSM and ITAM solutions.

Migration benefits of Ivanti ITSM and ITAM

The City gained significant advantages by switching from the outdated Cherwell system to Ivanti's modern ITSM and ITAM solutions. This transition prevented end-of-life issues and provided a more robust framework for enterprise systems management. It not only solved immediate problems but also brought new features that improved overall service delivery.

Retiring old systems reduced technical debt and brought benefits. Ivanti's platform improved the service catalog and support portal, making it easier for users to request services. The centralized configuration management database provided accurate data, increasing the efficiency of support operations. Neurons for Discovery automated asset management, making the IT environment more transparent.

The migration included automation features to improve service requests and onboarding. Automating routine tasks freed up IT staff to focus on strategic initiatives and ensured efficient handling of service requests, leading to faster resolutions and improved user satisfaction.

Ivanti's solutions provided a systematic approach to change control, ensuring changes were well-documented, authorized and implemented smoothly. This was essential for preserving the integrity and reliability of the city's IT services. Despite the systematic approach and benefits provided by Ivanti's solutions, the City faced several challenges during the transition to the new ESM system.

Overcoming challenges

As the City aims to streamline operations and improve service delivery, a comprehensive Configuration Management Database (CMDB) became vital. Serving over 4,000 users, the service desk's limitations in asset management and discovery hindered timely incident response and asset tracking.

One primary hurdle was integrating with Microsoft's Entra ID, initially posing a significant roadblock for seamless migration of user data and access control. Ivanti’s technical support team stepped in with robust solutions, ensuring smooth integration and maintaining the project's momentum.

Data fragmentation was another challenge. The previous ITSM system caused data to be scattered, making it difficult to use the new CMDB and Asset Management solution fully. Ivanti’s solutions introduce a cohesive data management strategy, consolidating and streamlining information to improve IT asset tracking and management.

The City’s complex customization requirements added another layer of complexity. The absence of advanced Change Management solutions and automation capabilities was also a critical pain point. These features are essential for ensuring service delivery continuity and operational efficiency in a fast-paced urban setting. Recognizing these gaps underscored the need for a more robust ITSM solution that aligned IT services with business goals.

With the support of T4S Partners and Ivanti’s advanced solutions, these challenges were effectively addressed. Ivanti's solution's flexibility allowed seamless integration of custom processes, ensuring a smooth transition without disrupting ongoing operations.

Overcoming challenges in automation and discovery was also critical. These abilities were essential for improving service delivery, and careful planning ensured their successful implementation. The collaboration with T4S Partners was instrumental in managing the initial setup and setting the stage for future digital transformation.

The City’s experience highlights the importance of a robust and adaptable ITSM solution, a well-thought-out transition strategy and the value of expert support. Advanced ITSM solutions have a transformative impact on improving operational efficiency and service delivery.

Aligning IT with business goals

Building on this understanding, the City strategically adopted Ivanti’s Enterprise Service Management (ESM) solution to further align IT Service Management with its goals for enhanced efficiency, accuracy and user experience.

By integrating Neurons for Discovery with the CMDB, the City improved asset and configuration management, addressing Intune connector issues and laying the groundwork for better incident handling and change management. This led to efficient asset tracking, reduced downtime and improved service delivery.

Ivanti’s platform also improved incident handling and streamlined change management, boosting response times and service quality. Comprehensive surveys ensured IT services met user needs, refining service request workflows and improving the customer portal's user-friendliness. Automating service request management allowed IT to focus on strategic initiatives, aligning IT capabilities with the City's goals and modernizing service management for future digital transformation.

These strategic improvements positioned the City for long-term success, showing its dedication to improving service delivery and the quality of life for its citizens through aligned IT and business goals. Having established these strategic improvements, the City continued its digital transformation journey by moving to IT Service Management.

Implementation Approach

The City’s move to IT Service Management with Ivanti Neurons for ITSM is a major step in the city’s digital transformation journey. The move not only addressed the immediate challenges of the previous system, but also introduced advanced capabilities such as automation and a full CMDB, which will help the city grow and innovate in the future. The new platforms capabilities in asset management and discovery have significantly improved the city’s IT capabilities, ensuring that IT services are closely aligned with the city’s business goals.

The partnership between T4S Partners and Ivanti was key to the success of the transition. T4S Partners’ expertise made the migration process seamless and non-disruptive to the City’s operations. This partnership has laid a strong foundation for the City to continue to improve its IT operations, showing the City’s commitment to improving service delivery and the quality of life for its residents. The implementation of advanced Change Management tools has further enhanced the City’s ability to adapt to the ever-changing technology landscape, ensuring the City’s IT infrastructure remains robust and efficient.

Conclusion

The City’s transition to Ivanti Neurons for ITSM marks a major milestone in its digital transformation journey. This move overcame previous system limitations, significantly improving IT capabilities. The modernization project introduced advanced ITSM functionalities like a robust CMDB, Asset Management and Change Management to align IT with the city’s business goals. Automation and discovery capabilities will help the city adapt to technological changes, improving service delivery and residents' quality of life.

Partnership with T4S Partners was crucial, as their expertise ensured a seamless migration without disrupting daily operations. This collaboration met project goals, from initial implementation to ongoing optimization.

By leveraging the strengths of both organizations, the City has set a strong foundation for continued IT improvements and created a blueprint for other municipalities aiming to modernize ITSM. The investment in Ivanti's ESM solutions promises long-term benefits, allowing the city to keep pace with technological advancements and respond to residents' evolving needs. This transformation underscores the City's commitment to innovation and the value of strategic partnerships in achieving successful digital transformations. Other municipalities are encouraged to explore similar upgrades to improve their services and meet community needs.

Learn more about Ivanti’s Enterprise Service Management solutions. For insights from industry experts, check out Ivanti's YouTube Partner Insights interviews featuring various Ivanti partners and Michelle Hodges, Ivanti’s Senior Vice President for Global Channels and Alliances. Additionally, we encourage you to engage with our online community by participating in our forums and webinars. These are great opportunities to connect with other IT professionals, share your experiences and learn from industry experts.

Ivanti Partner Brings Customer Success to the Olympics and Beyond

Thu, 05 Sep 2024 20:14:02 Z

When a customer needed to update its SSL VPN solution to meet teleworkers’ needs for the Paris Olympics, Ivanti’s key distribution partner Westcon-Comstor illustrated its expertise in zero trust access and commitment to helping users get the most benefit from their Ivanti solutions.

The story of Westcon-Comstor’s approach is one of the numerous partner success stories we’ll share in the coming months to show the critical role our partners play in helping Ivanti customers navigate the ever-changing cybersecurity landscape.

Westcon-Comstor shines in Paris

Westcon-Comstor, a leading technology distributor, has been instrumental in helping organizations modernize their security infrastructure. Its partnership with Ivanti is a testament to Westcon-Comstor’s commitment to providing cutting-edge solutions.

Westcon-Comstor demonstrated that commitment with its recent collaboration with a social protection group with five hundred employees. Westcon-Comstor ensured that they were well-equipped to support their customers as they migrated from Pulse Secure Access to Ivanti Neurons for Secure Access and VPN, minimizing disruptions and maximizing Security benefits.

The customer’s biggest challenge with the Paris Olympics approaching was to update their SSL VPN solution to meet their teleworkers’ needs, as they expected a busy period. By using Ivanti’s zero trust access products, they achieved significant improvements in their network performance, Security posture and operational flexibility.

A standout feature was the option to integrate a Unified Access Layer (UAL), streamlining the transition toward a zero trust architecture (ZTA). This ensured the customer was well-prepared for future security challenges by maintaining an adaptive and resilient IT environment.

The power of zero trust access

The success of this project showcased Westcon-Comstor’s deep expertise in zero trust access, cloud migration, network access control, VPN and secure remote access. Their investment in 3D Labs further demonstrates Westcon-Comstor’s commitment to showcasing the benefits of zero trust architecture to potential customers, enabling them to make informed decisions about their security infrastructure.

The customer was highly satisfied with the Ivanti solution, and its user-friendliness led the customer to make an additional purchase.

Westcon-Comstor’s data-driven approach and Renewal Center of Excellence are testament to its commitment to ensuring customers receive ongoing support and value from their technology investments. Westcon-Comstor’s partnership with Ivanti and their customer-centric approach has resulted in a modernized security infrastructure that enabled the social protection group to deliver on its mission with increased efficiency, security and scalability.

“The standard of excellence we maintain at Westcon-Comstor, from our Renewal Center of Excellence to our presales, is what sets us apart,” explains Matt Piddington, Vice President of Services for Westcon Europe. “We work tirelessly with Ivanti to bring the best to customers and partners, and their success is our proudest achievement. By focusing on comprehensive solution lifecycle management, we ensure customers are equipped with the latest technology to safeguard their operations. We don’t just sell solutions. We create and manage them, driving essential tech refresh initiatives that keep end customers protected.”

This commitment to excellence and partnership with Ivanti naturally extends into the resources and support offered by Ivanti itself. As Westcon-Comstor focuses on delivering and managing top-tier solutions, Ivanti complements this effort by providing a robust framework of support and resources designed to improve secure access infrastructures.

Pulse Secure sunsetting and end of life (EOL)

As Ivanti continues to innovate and evolve our technology offerings, it's important to address the lifecycle of our products to ensure we are providing the most advanced and secure solutions. This commitment to innovation and security is reflected in our recent announcement regarding the Pulse Security Appliance (PSA) hardware.

On July 15th, 2022, a notification was sent to Ivanti customers stating that all PSA hardware will reach end of engineering on June 30th, 2024. As part of our "Secure by Design" initiative, Ivanti has decided to discontinue support for Pulse Security Appliance (PSA) hardware on Aug. 1st, 2024. After this date, the hardware will no longer receive feature updates or bug fixes. We highly recommend that our customers transition to our more advanced Ivanti Security Appliance (ISA) or virtual solutions for optimal performance and Security.

To ensure the ongoing Security and compliance of your organization's access infrastructure, we strongly advise migrating to Ivanti's zero trust access portfolio before the end of life (EOL) date. This comprehensive set of solutions can effectively safeguard your networks and data from unauthorized access.

What’s at stake?

The legacy PSA platform was developed before the broad adoption of modern cloud infrastructure and services — and at a time when the threat landscape was less volatile and more predictable. This legacy platform can expose an organization to multiple risks.

Business risks

Unplanned downtime.
Impact on core applications and business continuity.
Exposure of sensitive data.
Exposure to ransomware and other security vulnerabilities and threats.
Potential regulatory compliance issues.

Operational risks

Not designed for modern cloud architectures.
No protection for application (layer 7) traffic.
Limited capacity and performance.
Difficult to configure and manage.
No automated system upgrades.
No automated patching.

By migrating to Ivanti, customers gain increased visibility and control over their entire landscape, ensuring that only authorized users have access to critical resources. Additionally, they benefit from protection against evolving cyber threats and access to the latest cloud-based innovations, ensuring their organizations remain secure and compliant in the face of emerging IT challenges.

Ivanti zero trust access resources and support

Ivanti is committed to not only developing cutting-edge zero trust access solutions but also ensuring that our partners and customers thrive in an increasingly complex IT environment. This case study demonstrates the power of Ivanti’s zero trust access solutions, which helped their customer streamline operations, strengthen Security and gain the flexibility they need to thrive.

To help organizations on their journey to a secure access infrastructure, Ivanti offers a variety of resources and support options to meet their needs. Visit our website to learn more about our secure access portfolio and the potential of our comprehensive solutions. Additionally, our team of dedicated Ivanti security specialists is here to help.

For those who want a trusted partner like Westcon to help guide them through the migration process, the partner area on our website provides a list of authorized Ivanti partners. These partners have the knowledge and experience to help you get the most out of our solutions and ensure a smooth transition to a secure and robust access infrastructure.

Additionally, view our new Partner Insights interviews on YouTube with various Ivanti partners and Michelle Hodges, Ivanti’s Senior Vice President for Global Channels and Alliances.

We also encourage you to engage with our online community by participating in our forums and webinars. These are great opportunities to connect with other IT professionals, share your experiences and learn from industry experts. You can stay up to date on the latest zero trust access developments, exchange best practices and explore new strategies to improve your security posture.

Securing IoMT Devices: Best Practices for Hospitals to Prevent Cyberattacks

Thu, 21 Sep 2023 16:00:01 Z

The Internet of Medical Things (IoMT) has revolutionized the healthcare industry, connecting medical devices to the internet and allowing for greater patient care. However, with this new technology comes new security threats. Hospitals must be aware of these risks and understand how to find, fix and secure connected medical devices to protect their patients from cyberattacks.

This article will discuss examples of cyberattacks on hospitals, best practices for securing connected medical devices, the role of advanced automation in preventing IoMT security breaches and how data analytics can help organizations monitor security issues.

Overview of IoT medical device security threats in hospitals

Revolutionizing healthcare, the Internet of Medical Things (IoMT) connects medical devices to the web, promoting improved patient care. Unfortunately, this technology also brings a risk — cyberattacks.

To safeguard connected medical devices from malicious actors, healthcare facilities must be aware of these threats and understand proper precautionary measures to take. According to a recent report, 43% of hospitals have been victims of ransomware in the past year.

Cyberattacks on hospitals can range from data breaches to ransomware attacks. And IoMT devices are vulnerable without the proper security measures in place. Implementing advanced automation and data analytics tools can prevent these risks by detecting IoMT security threats in real time.

Additionally, advanced automation solutions can automate processes like patching (with the assistance of the healthcare device manufacturer) and updating software operating systems, ensuring all systems are up-to-date with the latest defense measures against cyberattacks.

Automated solutions can also monitor network traffic for suspicious activity or unauthorized access to health data. Automation also has the added benefit of freeing up time for IT staff so they can focus on other critical tasks, such as responding quickly to potential security threats.

Data analytics is another key tool for securing connected medical devices. Data analytics solutions allow healthcare organizations to monitor their systems in real time for anomalies or malicious activities that could indicate a breach or attack is underway. By analyzing large volumes of data, organizations can identify trends or patterns that may indicate an attack is occurring before it becomes too late.

The combination of automation and data analytics makes it possible for healthcare organizations to protect their IoMT devices from malicious actors while still providing quality patient care at a lower cost than manual processes would allow.

To ensure the security of their connected medical devices, hospitals must be aware of the risks posed by IoMT technology and understand how best practices such as advanced automation and data analytics tools can help them find, fix and secure even the most complex threats.

Examples of cyberattacks on hospitals

Many hospitals are particularly vulnerable to cyberattacks due to their reliance on connected medical devices, not updating their security standards and having limited resources available for security measures. Ransomware is one of the most common attack types seen in healthcare settings, but other threats such as phishing, emails, malware and malicious insiders can also lead to data loss.

In August of this year, a cyberattack disrupted hospital computer systems in several states, including Pennsylvania, forcing some emergency rooms to close and ambulances to be diverted, and many primary care services remained closed for several days.

In 2020, several hospitals around the world were hit by ransomware attacks that led to critical systems being locked down or disrupted entirely. For one hospital in Germany, the attack lasted over three weeks and resulted in delayed treatments for some patients while IT personnel worked around the clock to prevent further damage and gain control over their systems again. The financial cost of this breach was estimated at upwards of $1 million USD.

In addition to financial costs related to a cyberattack, there are also reputational costs associated with it. Patients may lose trust in an organization if they learn that their personal data has been compromised or that treatment delays occurred due to an attack on the hospital’s system infrastructure.

Additionally, legal actions may be taken against hospitals for failing to follow industry regulations when it comes to protecting sensitive patient information from cyber threats.

The importance of finding, fixing and securing connected medical devices can't be overstated. Failure can have serious consequences, both financially and reputationally, for healthcare organizations involved. Investing in advanced automation and data analytics tools alongside compliance with regulatory standards is essential for reducing risk from cybersecurity threats within hospitals today.

How to identify and classify cyber threats on IoMT devices

Using connected medical devices in healthcare facilities has created a range of security risks. To protect against the potential dangers posed by IoMT devices, it's critical to understand how to identify and classify cyber threats on these devices.

First, hospitals should conduct thorough risk assessments on each device to evaluate its vulnerability to attack. This assessment entails examining all aspects of the device, including software, hardware, communication protocols and other potential weak points that could be taken advantage of by malicious actors. It's essential that particular attention is paid to any known or plausible attack vectors.

When the assessment process is finished, organizations must then categorize the threats according to patient safety, patient confidentiality and service availability. High-risk issues should take precedence when dealing with vulnerabilities and preventing future attacks, as they are more likely to cause substantial damage. Low-risk concerns may still pose a risk if left unaddressed but may not always require immediate action depending on the situation.

Ultimately, hospitals must maintain strategies for mitigating cyber threats associated with IoMT devices over time. These strategies include:

Patching and updating software systems when new risks are detected.
Employing advanced automation tools such as machine learning algorithms.
Monitoring network traffic for anomalies or malicious behavior.
Adhering to regulatory standards like HIPAA and GDPR.

Embracing these measures means healthcare providers can reduce their exposure while creating safe spaces for patients and staff alike.

Best practices for securing connected medical devices

Healthcare organizations must take steps to protect their IoMT systems from cyberattacks and malicious activities. Regularly patching and updating software is a must, along with establishing an access control policy for authorized personnel only.

Authentication measures such as two-factor authentication or biometric scanning are also important to safeguard patient data. Encryption of stored data is critical for protecting confidential information from unauthorized access, while firewalls and IPS protect against external threats and malware.

In addition to these measures, healthcare organizations should conduct frequent vulnerability scans to identify any potential weaknesses in the system that maybe exploited by attackers. Advanced analytics tools can help detect anomalies in device behavior, which may signal a possible attack, allowing organizations to quickly act before serious damage can occur.

With real-time visibility into the state of your systems, the organization can respond to operational and security issues with network isolation to ensure that vulnerable devices are no longer putting other devices at risk and provide recommendations on how to deal with those threats.

The role of advanced automation in preventing IoMT security breaches

The prevalence of cyberattacks on healthcare organizations has made advanced automation an essential component of IoMT security. Automation can keep IoMT devices up to date with the latest security patches, detect anomalies in user behavior and device activities and quickly identify and block suspicious network connections or malicious files. Additionally, automation helps hospitals minimize their risk of a breach by ensuring their systems are always secure.

Advanced automation solutions combine real-time analytics with AI algorithms to monitor user behavior patterns for any signs of malicious activity. By using these solutions, hospitals can detect threats such as an unauthorized user attempting to access a secure system resource or an abnormal increase in outbound network traffic — allowing quick response before the attack becomes serious, minimizing disruption and financial losses.

Automating routine tasks also helps reduce alert fatigue for hospital staff — freeing up time so they can focus on other important security issues that require human intervention. Furthermore, automated monitoring strategies provide 24/7 protection against potential threats while personnel are offsite or unavailable.

With automated tools at their disposal, healthcare organizations can stay one step ahead of cybercriminals and ensure that their systems remain safe and secure from harm.

How to leverage data analytics for IoMT security monitoring

Analyzing data generated by connected medical devices is essential for improving IoMT security. By leveraging the power of data analytics, healthcare organizations can quickly identify any anomalies or suspicious activities and take appropriate action to address them.

Automating security processes also ensures that all devices are running on the latest software versions with the most up-to-date patches from the healthcare device manufacturer. Ultimately, leveraging data analytics provides hospitals and other healthcare organizations with an effective way to monitor IoMT security in real time and ensure their systems remain secure from cyberattacks.

Want to learn more? Visit Ivanti's webinar discussing ways to find, fix and prioritize healthcare device threats.

Mapping IT Services for Improved Alignment Between Business and IT

Thu, 20 Jul 2023 15:01:05 Z

Running a business in today's digitalized world comes with many challenges, such as industry regulations, escalating costs as businesses grow and continuity planning. To effectively manage IT services and align them with business goals, organizations are turning to service management solutions to optimize their resources, budgets and cross-functional collaboration.

By automating the management of IT services, businesses can save time, money and reduce the number of potential manual errors, while ensuring efficient and consistent delivery of IT services.

With the right service management solution in place, organizations can leverage automation tools to maximize efficiency and improve resource utilization.

The importance of IT service mapping

The process of service mapping can be manual or automated with service-mapping tools which use data collected from network scans to link processes with objectives.

Ultimately, the outcome of the process is the production of mapping diagrams to visualize all the dependencies between your physical and virtual computers, networks and storage assets. Documentation of all the dependencies is also extremely valuable for those industries that require auditing, such as banking.

Rapid impact, risk and root cause analysis can be performed accurately due to the mapping diagrams showing IT infrastructure relationships, application dependencies, communication flows, ghost devices, network topology, cloud relationships and IT service management incidents and changes. These diagrams also give insight into how service delivery ties into customer satisfaction or cost reduction, as well as identifying areas where improvements can be made.

A survey from Gartner found that nearly 80% of organizations believe that IT Service Mapping can help align IT services with business outcomes.

- “A Guide to IT Service Mapping Aligned with Business Outcomes”, 2020

Documentation of dependencies between different systems is also important for gaining a full picture of service delivery and for anticipating outages or other issues that could arise if one system affected another.

Knowing these details allows organizations to act quickly and efficiently – without disrupting operations – when an issue arises, ultimately reducing the risks associated with unexpected downtime or security breaches. However, the critical success factor is a robust CMDB (Configuration Management Database) that's proactively and automatically updated on a continual basis.

According to Gartner, 80% of CMDB initiatives fail mainly due to manual updates, limited resources, incomplete or untrustworthy data, complacency or lack of governance.

- “Renovating your CMDB to Improve Business Outcomes”, 2019

Develop a process to improve CMDB initiatives

Automated IT service mapping helps administrators identify and resolve any issues within the CMDB more efficiently, leading to improved IT service performance and availability. The service map visualizations we’ve described above will allow your team to quickly identify and analyze relationships between various components within the CMDB.

In addition to using automated discovery and service mapping tools, it’s important to establish a core process your initiative will follow, ensuring data is managed in a secure and consistent manner and that the initiative moves forward in a way that meets organizational goals. Your process should include the following steps (which can be used in any order):

Assess
Assessing the current situation, identifying shortfalls and developing a plan to address any gaps is vital in ensuring that your initiative is successful.
Measure and improve
Ensure you have a touchpoint every 30/60/90 days to track progress and make any amendments.
Design with automation in mind
It's critical to design your initiative around using automated automated data collection and/or processes to help ensure the likelihood of successfully meeting your progress goals.
Establish governance
To ensure that all data is managed in a consistent and secure manner, you’ll need procedures, policies, and processes for data management and decision-making.
Goals and metrics
The identification of goals and metrics will help track and measure success, informing stakeholders about how the initiative is progressing and making it easier to identify areas of improvement. Examples of metrics include:
- Configuration Item (CI) accuracy to determine accuracy of the CIs within the organization’s CMDB.
- User Adoption to measure the success rate of rolling out the system and getting employees to use it.
- Incident Resolution to track the time it takes to resolve incidents over time.

Overall, utilizing this five-step process can significantly improve CMDB initiatives. By meeting regularly with your team to track progress, automating processes, establishing governance procedures, identifying goals and metrics and assessing the current situation, you'll improve the likelihood an initiative will succeed.

Finding the best service management solution

IT service mapping and an accurate CMDB can provide an organized structure for service management, allowing for clear visibility of the services being delivered and the relationships between them. This provides a single source of truth for service management, and that’s key to empowering IT teams to be more efficient and proactive.

In an era of Everywhere Work, organizations increasingly look to service management solutions to help improve resource utilization, optimize budgets and collaborate with teams. But how do you find the best solution for your organization?

Evaluate available ITSM solutions

The first step is to examine and assess various service management solutions and compare them against each other. Consider factors such as cost, features, usability, scalability and customer support when evaluating each option.

It's also important to look at how well a service management solution can integrate with existing systems and processes to maximize its benefits, such as increased efficiency, lower costs, improved service delivery, decreased learning time by staff and increased customer satisfaction. Additionally, consider any customization options that may be available with various solutions.

Utilize automation

Once you’ve selected the right service management solution for your organization? It's time to take advantage of the considerable benefits it can offer.

Automation tools can help streamline processes and reduce manual labor, while enhanced analytics capabilities make it easier to quickly and accurately identify potential issues or risks. Improved resource utilization means long-run cost savings for your business, while having access to real-time data helps ensure that IT services meet business objectives without fail.

Want to learn more? See how The First Bank utilized Ivanti Neurons for Service Mapping to automate processes, reduce time and headcount assigned to manual tasks, optimize costs and enable continuity planning.

How IT Device Discovery Can Identify Your Network's Assets and Vulnerabilities

Thu, 22 Jun 2023 20:09:10 Z

The security of your organization’s network is paramount to its success. With the ever-changing landscape of cyber threats, it's important to take the necessary steps to ensure that your network is secure and compliant with industry regulations.

Ensuring compliance requires you to know what’s on your network. But how can that be done when only 48% of leaders and security professionals say they run their asset discovery program at least once per week? One of the most effective tools for identifying assets and vulnerabilities on a network is IT asset discovery.

What is IT discovery and why is it important for IT security?

IT discovery is the process of identifying and cataloging the various hardware, software and other components that make up an IT infrastructure. This is an essential process to ensure the smooth functioning of IT networks as it allows IT administrators to identify potential issues and plan for future growth.

Once this identification and cataloging of IT inventory is completed, you can maintain a comprehensive inventory of all your assets. Keeping track of all the components making up your network in one place means IT administrators can quickly identify any problems and take the necessary steps to fix them.

And since, on average, up to 30% of an organization’s IT assets are ghost assets, missing or unaccounted for, it is even more important to have accurate, up to date information about your device landscape.

To quickly detect changes in the network and respond to potential threats, it’s worth automating the discovery process — ultimately, it'll ensure a secure and compliant network.

How does IT discovery work?

IT discovery typically uses manual scanning or automated scanning tools. Manual scans involve manually entering IP addresses into a scanner, while automated scans are done with specifically designed software programs. These programs will search through an organization's environment, looking for:

Hardware components such as computers, servers, routers and switches.
Software components such as operating systems and applications.
Network connections such as LANs (Local Area Networks) or WANs (Wide Area Networks).

Additionally, as not every asset will be on the network, the ability to discover devices from other sources via connectors is just as critical in providing a comprehensive picture of your entire IT estate.

Benefits of IT discovery for IT security

Accurate device information is an essential component of any organization’s IT network. Without it, organizations are unable to identify and track assets on their networks or ensure compliance with relevant regulations and standards.

By automating the process of discovering devices connected to your network, you can capitalize on the following benefits:

Provide real-time alerts regarding any changes in the device inventory. This kind of visibility can help your organization quickly detect potential threats and respond accordingly. With accurate device information, identifying unknown assets and reducing attack surface by removing outdated or unauthorized hardware.
Ensure that a network is compliant with relevant security regulations and standards such as GDPR (General Data Protection Regulation), PCI DSS (Payment Card Industry Data Security Standard), HIPAA (Health Insurance Portability and Accountability Act) and CCPA (California Consumer Privacy Act).
Accurately monitor the performance of IT infrastructure and ensure that it always remains secure. With real-time visibility into all the devices connected to the network, your IT team can easily identify problems, even before they become critical issues, and respond quickly when issues arise. This helps reduce downtime for employees, which in turn leads to improved productivity and employee experience across the organization.

Respond Quickly to Potential Threats

When responding to potential threats, it’s important for organizations to act quickly to minimize the impact of the attack. With extended visibility into your entire network, you can quickly locate any malicious actors or vulnerabilities that could lead to an attack.

This also allows for more accurate and timely monitoring of changes in your network's architecture, which are critical in identifying potential weaknesses before exploitation can occur.

Additionally, keeping track of who has access to what parts of your network makes monitoring user activities and maintaining up-to-date user profiles a breeze. With threat actors getting better at disguise, ensuring that only authorized personnel have access to the information they need helps reduce the risk of any unauthorized access or misuse.

And if a threat occurs, it’s much easier to determine where it originated from and take appropriate action against it.

Finally, providing valuable insights into how your organization is responding to potential threats can help improve your security strategy. By measuring response time and tracking incidents over time, you can evaluate which strategies are working best and which ones to amend.

Hungry for more? Watch our webinar recording and explore 5 Best Practices From Real‑World RBVM Programs.

Top 10 Reasons Service Mapping Can Accelerate your IT Service Management Capabilities

Thu, 29 Dec 2022 21:01:33 Z

Service mapping is an essential tool for IT service management, as it allows you to gain a clear and comprehensive understanding of the various components and dependencies that make up their IT services. Service mapping focuses on discovering data center devices, infrastructure, application dependencies and the corresponding relationships.

This enables your organization to manage and optimize their IT operations, improve service delivery and more effectively reduce disruptions and outages risk.

Here are the top 10 reasons service mapping can accelerate your IT service management capabilities:

1. Improved visibility and understanding of your IT infrastructure

Service mapping provides a comprehensive and visual representation of your IT infrastructure, which can help you better understand the relationships and dependencies between different components and services. This heightened visibility can help you identify potential issues and risks and make more informed decisions about optimizing your IT operations.

2. Enhanced collaboration and communication

Service mapping can facilitate better collaboration and communication within your IT team and across different departments. Providing a common language and understanding of your IT services helps break down silos and improve coordination and cooperation.

3. Faster problem resolution and incident management

Service mapping can help you quickly identify the root cause of problems and incidents and to implement effective remediation measures. Providing a clear and comprehensive view of your IT services can also help you prioritize and allocate resources more efficiently – minimizing the impact of disruptions and outages.

4. Improved service quality and customer satisfaction

Service mapping can help identify and address potential bottlenecks and weaknesses in your IT services, ensuring that they are designed and delivered to meet your customers’ needs and expectations. Providing better visibility and control over your IT operations helps you proactively prevent issues and improve service quality.

5. Reduced risk and compliance costs

Service mapping can help you identify and mitigate potential risks and vulnerabilities in your ITinfrastructure and ensure you comply with relevant regulations and standards. Providing a clear and up-to-date view of your IT services can help you easily demonstrate compliance and reduce the cost and effort associated with audits and regulatory compliance.

6. More effective capacity planning and resource allocation

Service mapping can provide valuable insights into the performance and capacity of your IT services, helping you optimize the allocation of resources to meet changing business needs and demands. Providing a clear and comprehensive view of your IT infrastructure can also help you identify potential bottlenecks and capacity restraints before they become an issue.

7. Better support for digital transformation and innovation

Service mapping can help you align your IT operations with your business goals and objectives, and to support the development and implementation of new digital initiatives and technologies. Providing a clear and comprehensive view of your IT services can help you identify opportunities for innovation and improvement, and to integrate modern technologies and systems more easily into your IT infrastructure.

8. Enhanced agility and flexibility

Service mapping can help you adapt quickly and easily to changing business needs and conditions and to respond to new challenges and opportunities. Providing a clear and comprehensive view of your IT infrastructure helps you easily and efficiently make changes more to your IT services and introduce modern technologies and capabilities.

9. Improved cost management and efficiency

Service mapping can help you manage and control the cost of your IT operations and to identify and eliminate waste and inefficiency more effectively. Providing a clear and comprehensive view of your IT services can help you identify and prioritize opportunities for cost savings and optimization – and make more informed decisions about investments in modern technologies and capabilities.

10. Enhanced security

Service mapping can supply valuable insights into an organization’s security posture. By understanding the relationships between different services and the underlying infrastructure, IT teams can find potential vulnerabilities and take proper action.

Service mapping has many benefits, from enhanced security to better support for digital transformation and innovation that can help organizations accelerate their IT service management. Ready to take that next step? Book a demo to experience it for yourself.

Healthcare IT Security Budgets Aren't Keeping Pace With IoMT Threats

Thu, 25 Aug 2022 18:18:18 Z

The impact of ransomware attacks on healthcare is as alarming as it is under-addressed.

These attacks on the United States healthcare system alone are causing an annual burden of nearly $21 billion, including well over $100 million in ransoms. While the financial costs help illustrate the scale of the problem, the true cost is the tragic reality of impacted patient care – including higher patient mortality rates.

For every headline related to cyberattacks, there are likely hundreds more that go unreported. Healthcare-related cyberattacks – including data breaches – almost always involve IoT/loMT devices.

Hospitals have become easy targets for cyberattacks: they are battling a pandemic with exhausted staff, strained resources and limited cybersecurity expertise. Prioritizing an increased budget for IT departments will secure devices, protect valuable information and limit malicious attacks.

The insecurity of connected medical devices

In May 2022, CISA Senior Advisor Joshua Corman documented the rising risks during a Senate HELP Committee hearing. And now, in August 2022, Ivanti’s partner, Cynerio, has teamed with the Ponemon Institute to dive even deeper into the impact of insecure medical devices on hospitals and patients in their Insecurity of Connected Devices in Healthcare 2022 Report.

The report conducted a survey of over 500 hospitals on IoMT threats and security. The report shows:

43% of respondents experienced at least one ransomware attack.
88% of cyberattacks involve an IoMT device.
The average data breach cost is well over $1 million.
Tragically, 24% of attacks result in increased mortality rates.

The report also highlights that reselling patient data is still valuable, as demonstrated by the 43% of respondents who suffered at least one data breach in the prior 24 months.

Of those that suffered a data breach in the prior 24 months, 65% suffered an average of five or more data breaches in that timeframe, with IoT/IoMT devices involved 88% of the time.

Respondents were asked to estimate the total cost of the largest data breach they had experienced involving an IoMT/IoT device, including direct cash outlays, direct expenditures, indirect labor costs, overhead costs and lost business opportunities.

The cost, based on the respondents’ answers, was estimated at $13 million.

Cyberattacks are frequent with a notable impact on patient care

Fifty-six percent of respondents say their organizations experienced one or more cyberattacks involving IoMT/IoT devices in the past 24 months, with an average of 12.5 attacks over the same time frame.

Forty-five percent of these respondents report adverse impacts on patient care from these attacks and 53% percent of those (24% in total) report adverse impacts resulting in increased mortality rates.

Ransomware is a vicious, profitable cycle fueled by frequent hospital payments

Hospital ransomware attacks are crippling to all aspects of a hospital and often present only negative options.

Hospitals are increasingly seeing ransom payments as a viable option for a quick recovery, with 47% choosing to pay.

Thirty-two percent of the ransoms paid fall between $250k - $500k. Those that did not pay the ransom most frequently attributed their actions to an effective backup strategy (53%) and company policy (49%).

Healthcare faces widespread attack types

Staffing shortages lead not only to empty seats but large gaps in knowledge. Attackers have taken advantage of the IoT/IoMT security knowledge gap by unleashing an array of attacks on healthcare environments.

Among the top threats to IoT and other connected devices, respondents expressed the most concern about:

Lack of visibility into IoT networks at 45%.
Phishing at 45%.
Zero-day attacks at 41%.
Ransomware attacks at 39%.

Tragic examples

In September 2020, employees at a Fortune-500 owner of a nationwide network of hospitals reported widespread outages that resulted in delayed lab results, a fallback to pen and paper and patients being diverted to other hospitals.

And a worst-case scenario happened in 2019 at Springhill Medical Center in Alabama, where access to heart monitors disabled by a cyberattack allegedly kept staff from spotting blood and oxygen deprivation that led to a baby’s death.

Hospitals are not spending enough to secure devices

On average, hospitals report spending 3.4% of their IT budget ($5 million annually) to secure devices.

Budget owners often struggle with allocating resources to secure their environments. This will be an ongoing challenge in the IoT/IoMT space for years to come.

The typical IT budget for respondents averages $145 million in the fiscal year, and an average of 17% of that spend is focused on IT security.

Of that security spend, an average of 20% was reported to go towards IoT/IoMT device security – an average of $5 million in the fiscal year – not nearly enough given the potential consequences of a data breach or impact on patient safety.

These numbers will probably vary widely but provide an initial baseline for others to work from.

Perceived risk in IoT/IoMT devices is high, but proactive security actions and accountability are not

Seventy-one percent of respondents rated the security risks presented by IoT/IoMT devices as high or very high, while only 21% report a mature stage of proactive security actions.

Of the 46% who performed well-known and accepted procedures such as scanning for devices, only 33% of these respondents keep an inventory of the devices that were discovered.

A recommended course of action

All IoT/IoMT devices need to be secured and accounted for now, before it is too late.

These devices require industry-specific software based on NIST guidelines such as one that was recently implemented at a large hospital in the Midwestern US.

According to the report, responsibility of loT/loMT is distributed widely between different departments – leading to confusion and finger pointing when issues arise. Consolidation of accountability for all IoT/IoMT devices needs to be within one department of the hospital, not multiple departments as currently.

Lastly, hospitals need to increase their average spend on securing IoT/IoMT devices to 5%-7% of their IT total budget at a minimum – up from the current 3%. This equates to $7.25M-$10.1M in spending, far less than the damages that come with increased mortality rates, ruined reputations and lost productivity.

5 New Aethon TUG Robot Vulnerabilities Expose Healthcare Facilities to IoMT Hackers

Tue, 19 Apr 2022 11:35:56 Z

Healthcare providers must be extremely vigilant in their cybersecurity defense posture. After all, vulnerabilities in the Internet of Medical Things (IoMT) cost hospitals nearly $21 billion in 2021.

New security discoveries by Ivanti partner Cynerio recently made that statistic personal for many providers. While working with an existing healthcare customer, Cynerio found five zero-day vulnerabilities in Aethon TUG autonomous robots – an IoMT device found in many healthcare facilities.

What are Aethon TUG robots?

Hundreds of hospitals around the world deploy Aethon TUG smart mobile robots to deliver medicine and maintenance supplies. They can even perform simple tasks, such as emptying waste baskets.

A diverse collection of sensors and cameras enable these robots to move around a hospital without bumping into anyone or anything.

These robots are primarily used in nursing, pharmacy, labs, food service and waste removal organizations to increase efficiencies and decrease labor costs.

What IoMT vulnerabilities did Cynerio find in Aethon TUG robots?

Some of the IoMT vulnerabilities Ivanti partner Cynerio found in their healthcare customer’s Aethon TUG robots could allow hackers to:

Disrupt or impede the timely delivery of patient medications and lab samples essential for optimal patient care.
Shut down or obstruct hospital elevators and door-locking systems.
Monitor or take videos and pictures of sensitive patient medical records, as well as vulnerable patients, staff and hospital interiors.
Access restricted areas by controlling all physical capabilities and locations of the robots, along with unintended interaction with patients and even crashing into staff, visitors and equipment.
Hijack legitimate administrative user sessions in the robots’ online portal and inject malware through the robots’ browser, further perpetuating cyber attacks on IT and security team members at related healthcare facilities.

The Aethon TUG vulnerabilities put patients and providers at risk of attack from cyber criminals if not immediately remediated.

How can healthcare providers address the Aethon TUG vulnerabilities?

There are three primary methods to secure Aethon TUG robots against these latest vulnerabilities:

Download the latest firmware updates from Aethon, included in its version 24 firmware release. All TUG robots operating on earlier firmware versions will be susceptible to cyberattacks exploiting these vulnerabilities!
Disable external connectivity of all Aethon TUG robots.
Segment the TUG robots’ network to minimize the exposure.

For additional protection, the Cybersecurity and Infrastructure Security Agency (CISA) recommends:

Not exposing control system devices and systems to the Internet.
Locating all control systems behind firewalls.
Isolating systems such as the TUG Home Base Server from business networks.

To learn more about this latest IoMT vulnerability, we encourage you to review this HIPAA Journal article. Aethon has also released a statement on the vulnerability.

If your organization is ready for proactive remediation and security of all its IoMT devices, then you may be interested in Ivanti’s Neurons for Healthcare.

Ransomware Cost Hospitals Nearly $21B Last Year. How Protected Are You?

Mon, 28 Feb 2022 17:59:33 Z

Today, as computing power and wireless capabilities improve, organizations are increasingly leveraging Internet of Medical Things (IoMT) technologies, such as internet-connected blood pressure monitors, continuous glucose monitors and MRI scanners. These tools, with their ability to collect, analyze and transmit health data, improve efficiencies, lower care costs and drive better patient outcomes.

However, according to a recent study on the state of healthcare IoT and IoMT devices, almost 80% of these devices are used so frequently that hospital security has little time to analyze them for risks and attacks, apply the latest patches and carry out segmentation to protect the devices on the network.

That’s a major problem, adding up to nearly $21 billion in ransomware costs in 2021.

Cybersecurity IoT and IoMT challenges

Hospital and healthcare organizations have been increasingly targeted for cybersecurity attacks, especially ransomware attacks that cripple networks and endanger patient safety. These attacks have gotten more sophisticated and have targeted older IoT devices, not just traditional devices like mobile devices and laptops, but things like older MRI machines and IV pumps.

IV pumps are the most common healthcare IoT device and possess the lion’s share of risk. The ubiquitous IV pump makes up 38% of a hospital’s typical healthcare IoMT footprint, and a whopping 73% of those IV pumps have a vulnerability that would jeopardize patient safety, data confidentiality or service availability if it were to be exploited by an adversary.

As IoMT and IoT devices are everywhere, hospitals and healthcare organizations are prime targets because 1) they typically don’t have visibility into the risk of these devices, 2) they don’t know the number of IoT devices they have, and 3) they lack a comprehensive solution to address risk and protect IoT devices.

Protecting hospital IoT and IoMT devices

The first step to protecting hospital IoT and IoMT devices is identifying and fixing vulnerable devices, as 53% of IoMT and IoT devices contain critical risks. For example, a third of bedside healthcare IoMT devices, the devices closest to patient care and vital to optimal health outcomes, have an identified critical risk.If any of these devices were attacked, patient safety, service availability or data confidentiality could be severely impacted, either directly or as part of an attack's collateral damage.

Second, it’s vital to ensure the alignment of stakeholders, as devices fall under different teams within hospital organizations. These teams need to cohesively identify and fix all the vulnerable endpoints within their environment, and not just a portion of them.

And third, you must work to increase the urgency level to secure these devices now to meet the cybersecurity goals of the company. Waiting until an asset inventory is completed is no longer an option, as it will most likely prove too late.

The solution: Ivanti Neurons for Healthcare

The good news is there is a solution in the market that can address these challenges – Ivanti Neurons for Healthcare.

Ivanti Neurons for Healthcare delivers the complete picture of IT across healthcare facilities by discovering and intelligently profiling medical devices and the Internet of Medical Things (IoMT), assessing security risks, reporting threats and reconciling device information across multiple data sources. Most importantly, this solution can segment the entire device fleet to help with the troubleshooting process as well as not jeopardize patient safety, patient info, or clinical workflows.

If you’re interested in learning more, click here.

And if you’re in the Miami Beach area March 6-9th, come see a live demo/presentation in the AT&T Healthcare booth #902 at the VIVE Show. We will also have a live demo/presentation at the HIMSS Show on March 13-18th in Orlando, FL in the AT&T Healthcare booth #2659. We look forward to continuing the discussion.

Ivanti Named a Leader in Latest (Q4’21) Forrester Wave Report for UEM

Tue, 07 Dec 2021 21:31:19 Z

Ivanti was recently named a leader in The Forrester Wave™: Unified Endpoint Management, Q4 2021 report. Furthermore, Ivanti was noted as the only vendor in the market that could provide a fully integrated UEM, ESM, and End-User Experience Management (EUEM) capability.

The Everywhere Workplace

The report recognizes that in the current anywhere-work environment, buyers are looking for – 1) better management of distributed devices, 2) security surrounding those devices, and 3) on-going enhancement of the user experience.

Additionally, Forrester predicts as we approach 2022, that 60% of organizations will pursue a hybrid working strategy in which employees divide their work time between home and office. This prediction further justifies that the Everywhere Workplace has become the norm on a global scale. Key UEM capabilities to help set the foundation of the Anywhere Workplace, according to Forrester, include enabling a better digital employee experience, providing modern management designed for the distributed workforce, and offering native security capabilities to support a Zero Trust framework.

Customer Trends

From a customer trend perspective, the report also notes that enterprises are focused on delivering location-agnostic device management capabilities such ascloud-first OS delivery, peer-to-peer patch management, and remote support.

Ivanti believes it is currently one of the best UEM solutions in the market, with a powerful combination of portfolio, vision, and partner ecosystem that is unmatched in the industry.

Ivanti Case Study: Conair

One customer example of Ivanti’s UEM expertise is Conair. Ivanti helped Conair’s distributed workforce around the world by migrating nearly 700 devices to the cloud that were a mix of company-owned and employee-owned iOS and Android devices. Additionally, Ivanti helped Conair deploy Zero Sign-On to provide secure, conditional access to Microsoft Office 365 on any device.

Ivanti Resources

For additional information about the Conair case study, click here and if you’re interested in reading the full Forrester Wave report, click here. There’s also The Future of UEM webinar (link is here) or contact Ivanti Sales to learn more on how we can help your organization with a best-in-class UEM strategy.

New Endpoint Manager Release Enhances Experiences, Functionality, and Security

Wed, 27 Oct 2021 16:53:44 Z

As more organizations continue moving to hybrid work environments, endpoint security and management has never been more critical to both IT staff and employees. IT and line of business teams have too many systems to work across, forcing IT departments to spend resources and budget on fixing assets that are out of warranty/out of support. Additionally, employees are unsatisfied with their onboarding experience. The good news is with Ivanti’s new Endpoint Manager Release SU1, you can have peace of mind knowing that Ivanti continues to help manage modern devices in the Anywhere Workplace.

Enhanced Microsoft Autopilot Support

So, what are the key enhancements in this new release and why should you care? The first important enhancement surrounds Microsoft's Autopilot support. This support allows customers to seamlessly deploy Microsoft devices (auto enrollment) to end users, regardless of where they are located and without infrastructure changes. Improvements include supporting additional modes of Windows Autopilot (e.g., user driven mode, user driven hybrid AAD, and pre-provisioning).

Support for the Latest OS Platforms

The second key improvement focuses on support for the latest OS platforms. Customers can utilize Windows 11, macOS 12, iOS 15, and Android 12 devices without any loss of management functionality or downtime, and with Day Zero support. Additionally, with enhanced inventory data, IT admins will now be able to collect data specific to the newest ARM processors that are running most of the latest hardware in the market.

Improved Remote Control

The third key improvement involves improving remote control. Remote Control is a feature of Endpoint Manager that allows the IT team to access devices that are outside of their physical location while enabling admins to quickly access, service, and resolve user software and hardware related issues. Specific improvements include significant reduction in time required to establish a session, optimization of code, persistent process, strengthening of security, and smart card support. The reduced connection times result in significant saved hours, improved productivity, and providing an overall better experience for users. Additional information can be found at https://www.ivanti.com/solutions/needs/remote-control-all-of-my-devices-worldwide.

Smart Patching

The last key improvement area focuses on smart patching. IT admins spend a lot of time trying to identify the root cause of an issue. Return codes in certain situations are generic and do not provide clear insights. With this latest update, Ivanti has updated the return codes in certain scenarios to make it clear what is happening as well as enhancing the patch log data and bringing more patch information on the core. This will facilitate quicker issue resolution by eliminating the need to check each endpoint and identify the root cause as well as realize improvements in productivity, bringing information closer to the user and reduce possible log “hunting.” Furthermore, possible cost savings may be realized as this new release optimizes bandwidth management by setting a minimum disk space property on the agent settings. If the endpoint is below this threshold, Ivanti’s Endpoint Manager will not download the patch. Thus, saving critical bandwidth. Lastly, Ivanti has expanded the patch API catalog with new APIs for third party tools, enhancing the user experience as well as enabling the organization to repurpose third party tools.

In closing, Ivanti continues to provide our customers with great experiences, leading functionality, and secure Unified Endpoint Management solutions. For further information, please contact Ivanti Support.