• IoT
  • Security a growing concern with more IoT

    Michael Heller is a Senior Reporter at Search Security’s Tech Target. His post on security of the Internet of Things (IoT) sets out the issues that health systems need to deal with. First, it’s important because as more devices join IoT, experts fear that the increase in entry points for cyber-criminals will lead to serious embedded systems security risks that many organisations are unaware of, or unable to mitigate.

    More devices like USBs will come with IoT. These have security flaws, some of which may not be fixed, so may be carried into the new generation of embedded devices, like wearables, stretchables and ingestables. Resource constraints may be part of the underlying weaknesses. It’s probably worse for IoT devices than for mobile phones that iterate quickly. Embedded IoT systems have longer lives, so may miss out on system updates.

    Part of the response is stricter control of who’s allowed to connect to organisation’s networks. Alongside this, IoT devices need authenticating before sending or receiving data on corporate networks. Another approach is to isolate vulnerable IoT systems behind gateways or on virtual systems, then ensure that gateway updating rules can stop new threats.

    A prerequisite is to design hardware and firmware from the ground up, and include features to prevent access from malware or physical interference. It’s essential that Africa’s healthcare has the resources and capability to test for these, and the other security proposals, as part of procurement.  It seems like a new strand of expertise that African healthcare needs.

  • Are IoT's risks understood and mitigated?

    Risk pervades all endeavours. It’s prevalent in actions and inaction. Mark Zuckerberg, a Facebook co-founder thinks that “The only strategy that is guaranteed to fail is not taking risks.” The challenges are first, is the risk of change so great that it’s unmanageable? Second is how to mitigate manageable risks? Dealing with these enables investors and decision takers to realise a good relationship between risk and reward.

    The Healthcare Internet of Things Rewards and Risk is a report from the Atlantic Council. McaFee, a sponsor with Intel Security, has a summary. The core proposition is that industry must build security into IoT devices from the outset, not as an afterthought. It’s becoming an imperative as IoT move rapidly towards consumers and embedded in medical devices, wearables, stretchables and ingestables.

    It sees the main risks as disruption, leading to threating and distressing situations. This lays a responsibility on numerous IoT actors, including the IoT industry, regulators, and the medical profession. Minimising the risks across the IoT networks helps to maximise the rewards, especially for patients and health workers and the software, firmware, and communication technology firms.

    The report sees this risk and reward emphasises the “Delicate balance between the promise of a new age of technology and society’s ability to secure the technological and communications foundations of these innovative devices.”

    Disruption is seen from three main causes:

    Accidental failures where the technology destroys users’ trusts and IoT demand Privacy violations from often unpredictable malicious attacks Connected devices susceptible to malware that infects IoT devices.

    Requires actions are:

    Evolving regulation that’s co-ordinated and provides incentives for medical device and IoT innovation Better private to private and public to private collaboration Regulators that keep pace with technological progress.

    This provides a challenge for African countries. eHNA posted that their eHealth regulation is limited, and well below good practices from other continents. Both regulatory capacity and capability needs expanding considerably for African countries to keep pace with IoT. There are affordability and expertise constraints. If these aren’t overcome, then the business case for IoT investments needs a significant adjustment for risks, many of which will remain unmitigated. This’ll be inhibiting as the long-term strategic opportunities for mHealth and IoT are considerable for Africa’s vastly overstretched healthcare systems.

    Patrick Warburton, an actor, has another view of risk. “You've got to go out there, jump off the cliff, and take chances.” After you, Patrick. African countries should be at the back of this queue.

  • Is IoT more important than mHealth for Africa?

    The Internet of Things (IoT) is a catchy phrase compared to Machine to Machine (M2M). Whatever it’s called, its impact in Africa seems as though its rising.

    A report by Reuters says that Africa is “fast of blocks (sic)” for IoT. It said that by the end of 2014, developing countries would have 52% of M2M connections, and it’s set to increase to nearly 60% by 2020.

    Africa had some 7 million mobile connections in June 2014. There could be 57 million by 2020. This is the most used route for people in Africa to access the Internet. Most IoT initiatives in Africa are vehicle tracking, mobile payments and smart cities. Other growth services include smart meters and

    using SIM cards to electronic point of sale (ePOS) terminals in remote areas so merchants can accept credit and debit card payments.

    With this surge in devices, Africa’s healthcare has a growing opportunity to expand its IoT projects. It could include initiatives like monitoring patients vital signs remotely, managing supply chains for drug and medical suppliers, managing vaccination supplies as part of vaccination and immunisation information systems, more SMS reminders for patients and carers, and collecting data from medical devices for analysis and action.

    Stepping up IoT in Africa’s healthcare needs a structure to decide on priorities and investment. A white paper by Freescale Semiconductor is one place to start. It’s important that healthcare isn’t left behind in what looks like a bit of an IoT rush into the future.

  • Marc Goodman offers us his cyber-threat dark side

    If you’re not sure of the scale and change of cyber-threats, there’s a book for you. Future Crimes: Everything is Connected, Everybody is Vulnerable and What we can do about it, by Marc Goodman, describes how corporate ICT defences are attacked on a rising scale and often breached. He draws from his database of hundreds of breaches to show the risks and how cyber criminals can steal identities, empty online bank-accounts and crash servers.

    Some of the ways seem bizarre, such as accessing baby cam monitors and pacemakers, analysing people’s social media activity to find the best times to break in, and using algorithms for ransomware that locks users out until they pay a release fee. As technology expands, the threats do to. 3D printers can produce AK-47s, terrorists can download Ebola recipes and drug cartels are building drones.

    Sophisticated security boundaries become a new challenge and can have new inherent limitations. An example is using biometrics instead of passwords which is probably more secure, but once they’re breached, probably by cyber-theft, users and organisations can’t change them quickly and easily.

    Marc Goodman sees a future where ICT can detect cyber-invasions promptly and take remedial action to lock them out. It doesn’t seem as though this is imminent. To reach this goal, he proposes widespread collaboration between public and private sectors on ideas and initiatives to try to jump ahead of the cyber-criminals. The underlying theme is constant vigilance and investment and solutions that are at least as imaginative as the cyber-criminals.

    Marc Goodman’s experience is extensive. He’s worked in law enforcement as a policeman on the streets, been a senior adviser to Interpol, a futurist with the FBI and trained police forces in many countries. He’s the founder of the Future Crimes Institute and the Chair for Policy, Law, and Ethics at Silicon Valley’s Singularity University.

    His book’s published by Bantam Press, part of Transworld Publishers. The price is about US$28 or £20. You may find it cheaper if you search the web securely.

  • Does Big Data need IoT to succeed?

    The promise of Big Data and analytics in health care tends to rise when there’s an epidemic. Now, it seems that Big Data’s not big enough to stand on its own feet. It needs the help of the Internet of Things (IoT). Together, they’re the Industrial Internet. This is what a report from GE and Accenture seems to show. It’s based on a survey across several sectors.

    The survey shows an increasing urgency for organizations to use Big Data analytics to advance their strategies. The belief is that Big Data analytics can change industries’ competitive landscape over the next year, so companies are investing in it. The security, information silos and systems integration challenges seem outweighed by the operational, strategic and competitive advantages. The main findings are:

    93% say that new market entrants leverage Big Data as a critical differentiation strategy 89% say that companies that don’t adopt a Big Data strategy in the next year risk losing market share and momentum 85% say that their companies have Big Data in their top three priorities 84% say that Big Data can transform their companies’ competitive landscape over the next year 65% focus on monitoring assets to identify operating issues 60% expect Big Data to improve their profitability 31% of healthcare organizations say they’re significantly ahead in analytics About 51% of healthcare organizations are investing between 10% and 20% of their technology budgets on Big Data 49% say they’re planning Big Data initiatives for new business opportunities for extra revenue streams with their Big Data strategy, while 60%expect to increase their profitability by using the information to improve their resource management.

    That’s the main exciting Big Data possibilities, so now for the constraints:

    36% say system barriers between departments prevent data collection and correlation 29% say it’s difficult to consolidate disparate data and use the resulting data repository 44% say security and cyber-crime is an issue.

    A balanced solution is:

    Use experts to assess risks and consequences and understand the vulnerabilities, then invest in effective security Break down the barriers to data integration Acquire and develop Big Data and analytics talent Develop new business models Actively manage regulatory risk Leverage mobile technology to deliver analytic insights.

    These form a nucleus of a Big Data strategy for healthcare organisations in Africa. The challenge is fitting into constrained budgets that aren’t enough for all the eHealth possibilities, but this is the nature of eHealth leadership.

  • The mHealth super app

    Bill Gates remarked that “software is a great combination between artistry and engineering.”According to Natalie Hodge and Brandi Harless of Personal Medicine Plus, good mHealth apps are about combinations too, though for them it’s mHealth and Internet of Things (IoT), intersecting to produce the super app. They wrote about it recently in mHealthNews.

    eHNA’s had numerous posts about mHealth and a number on the IoT. This is the first time they’re together. It’s a novel idea, that if we connect all the apps that tell a patient how they are doing or what they should do next, we might end up with a health promoting, or healthcare, platform, or both. It would help people stay healthy and allow them, in some cases, to take their health into their own hands and bypass the conventional healthcare system. It’s the approach Google Fit is following too.

    Hodge and Harless suggest that winning super apps have six attributes:

    Use multiple proven technologies in mHealth in tandem Leverage proven engagement strategies Leverage application programming interfaces Use connected health devices Automate interpretation of data with actionable and immediate instructions for behavior change Build on evidence-based prevention principles.

    The themes match well with important eHealth topics, such as interoperability, analytics and sound stakeholder engagement. They also raise questions about risks of cybercrime and the complexity of conducting impact assessments.

    The list is different to those eHNA reported in eHNA’s piece on a new recipe for successful mHealth apps. Perhaps their combination would be good too.

    eHNA will watch for reviews of projects that show how the concept develops. We look forward to more posts on fortuitous combinations, particularly about new ways of using eHealth to improve health and healthcare.