Methodist Le Bonheur Healthcare Drives 85% in
Vulnerability Remediation Efficiency Gains Equivalent to Six Full-Time Employees
Download Case StudyMethodist Le Bonheur Healthcare Drives 85% in Vulnerability Remediation Efficiency Gains Equivalent to Six Full-Time Employees
Case Study
“Asimily is our single pane of glass for connected devices. Instead of physically driving to six locations looking for ones not in use, Asimily provides full visibility enterprise-wide with accurate reporting.”
Paul Moore, Clinical Technology Services System Engineer, Methodist Le Bonheur Healthcare
6
1,700
65k+
10k+
Hospitals
Beds
Devices
Employees
Customer
Methodist Le Bonheur
Headquarters
Memphis, Tennessee
Industry
Healthcare
Methodist Le Bonheur Healthcare provides the ever-changing Mid-South community with innovative, high-quality and comprehensive healthcare services. The system is comprised of six hospitals including Methodist University Hospital, Methodist Le Bonheur Germantown Hospital, Methodist South Hospital, Le Bonheur Children’s Hospital, Methodist North Hospital, and Methodist Olive Branch Hospital.
Challenge
Project Goals
Passively scanning networks to identify medical devices and detect any vulnerabilities.
•
•
•
Accurate device profiling to capture key information like operating systems (OS), IP addresses, MAC addresses, port numbers, applications, hostnames, and version numbers.
User interface with graphical analysis enabling them to benchmark internal progress and compare their security program to peer organizations.
•
Incident Response to automatically detect anomalous and suspicious activity in real-time and advanced Forensic Analysis capabilities.
Pre-procurement risk assessments to comprehensively review and manage risk before adding new devices to their environment.
•
Security experts who could partner with and augment current staff on an as-needed basis.
•
“Asimily identified medical devices actively communicating with foreign countries during the live demo. That was really eye-opening and
unexpected.”
Jeremy Cook, Senior Director of HTM, Methodist Le Bonheur Healthcare
Solution & Milestones
Full visibility and classification of connected medical and IoT devices
•
•
85% increase in efficiency of Vulnerability Management and remediation with their outsourced clinical engineering team using clinically-validated recommendations
Tailored organizational security policies to protect vulnerable devices from any unwanted and suspicious behavior
•
Threat detection of anomalous and suspicious device communications and automated Incident Response communications
•
Integrations with AIMS 3.0 CMMS for asset reconciliation and automated work orders, Microsoft Azure SSO for efficient access, and Rapid7 for a holistic view of vulnerabilities across their environment
•
•
Cost savings equivalent to six full-time employees or $540k annual labor for asset parameter and data collection
•
Optimize their Asimily and AIMS 3.0 CMMS integration
•
Implement tailored organizational policy rules and packet captures to enable optimized Incident Response
•
Work with the security teams to identify and track metrics for medical device security
Methodist Le Bonheur plans to improve its security posture with proactive risk mitigation and risk management. In addition, Methodist Le Bonheur plans to:
“Asimily won the RFP hands down after the live demo. The main driver was the backend architecture, which is more sophisticated and efficient, and how the data is stored, which is sound.”
Jeremy Cook, Senior Director of HTM
Methodist Le Bonheur Healthcare
Methodist Le Bonheur’s healthcare technology management (HTM) team was aware that a specific brand of medical devices in their fleet had known vulnerabilities and the team lacked visibility to identify and mitigate associated risks. After several failed attempts to work directly with the manufacturer, they determined the need for a holistic, specialized solution to provide an effective, in-house, medical device cybersecurity program.
Methodist Le Bonheur did not have a formal IoMT security program. Their HTM team manually sorted and prioritized the long list of Common Vulnerabilities and Exposures (CVEs) when patching vulnerabilities. The team had been advocating for greater visibility while also sticking to a firm budget.
The HTM team discovered several opportunities to improve inventory and network connectivity, realizing the need to segment separate VLANs just for medical equipment.
Next, the team attempted to use their existing active scanning solution and tested it in a controlled environment without patients. Setting up a small network of sample devices, the Clinical Engineering Manager ran active scans nightly. He increased the invasiveness slowly to mimic human error conditions.
One morning he found all his monitors in asystole, a clinical flatline. Had the scan been conducted in a clinical setting, these issues would have directly and negatively impacted patient care.
The HTM team concluded that they needed a passive scanning tool designed for medical devices that would enable discovery, inventory, and device profiling while in use. Additionally, when researching IoMT security solutions, the team discovered that these technologies provide accurate device utilization data that would enhance capital planning and site allocation activities.
When attackers targeted several nearby Healthcare Delivery Organizations (HDOs), they started to feel the need to do more. After obtaining budget approval to move forward with a specialized IoMT security vendor, they began a formal RFP process and invited four vendors to participate.
Methodist Le Bonheur RFP had three primary goals. First, it needed a passive-scanning tool that could safely identify and classify all biomedical devices and shadow IoT connected to the environment without affecting patient care. Second, they needed a solution to provide actionable ways to reduce security risks efficiently. Finally, they needed a provider with deep expertise to develop and help implement an effective ongoing security program.
Asimily’s capabilities were presented to Methodist Le Bonheur senior leaders. The demonstration showed real-time visibility into device activity at one location. The live demonstration identified eye-opening results including medical devices actively communicating with foreign countries.
The team was pleased with Asimily’s data from FDA recalls, which was built from the ground up around the Manufacturer Disclosure Statement for Medical Device Security (MDS2) framework.
Methodist Le Bonheur deployed Asimily with seven Edge processors to detect connected devices and gather key information on IT parameters including IP address, MAC address, port numbers, applications, hostname, operating system and version numbers. With Asimily’s help, the team was able to rapidly implement the solution, enabling a rapid return on investment as an information repository for all devices on the network.
Asimily quickly identified all the connected devices through its artificial intelligence (AI) and documented them with its reporting capabilities. Using Asimily, Methodist Le Bonheur created a topographical map showing where each device was talking on the network and remediated vulnerabilities in less than a week.
Currently, Methodist Le Bonheur uses the Asimily Risk Simulator to proactively assess the impact that potential updates and remediation efforts can have on their overall Organizational Risk Score.
Additionally, the team uses Asimily for visibility into equipment utilization to understand how the six-hospital system aligns and optimizes its medical device fleet and resources. For example, after pulling some sample data on CT scanners, they were able to send an underutilized machine from one location to their Germantown facility for added volume instead of purchasing a new one.
Methodist Le Bonheur uses Asimily for:
•
Identify and track productivity improvements and time savings opportunities
Utilization data to justify reallocating current Imaging devices instead of new purchases (cost-avoidance)
•