Securing the Edge: Protecting Our Hospital

Endorsed by:


Hospitals are increasingly reliant on a vast and diverse ecosystem of edge devices—ranging from mobile workstations and tablets to infusion pumps and diagnostic equipment. Yet, these devices often operate with limited oversight, outdated software and weak access controls, making them a prime target for attackers. In this session, we will share a comprehensive case study on how we tackled edge device vulnerabilities and reshaped our security posture from the ground up. The session will begin with an overview of why edge security is particularly critical in a healthcare setting and the unique threats posed by legacy and unmanaged medical devices. We’ll walk through the results of our initial risk assessment, which revealed more than 10,000 edge devices and multiple categories of vulnerabilities, including hardcoded credentials and vendor-controlled patching timelines. Attendees will learn how we addressed these risks through device hardening, using customer information system baselines, network segmentation, identity and access management improvements, and passive vulnerability monitoring. A key component of our success was our collaborative approach. The results speak for themselves: a 75-percent reduction in unknown edge devices, 45-percent increase in segmentation coverage, and measurable improvement in cross-departmental engagement.