Value in the Internet of Things (IoT) or connected economy is created and sustained by technology-enabled integration and links of data related to and between people, machines, and organizations. Leaders in the IoT economy recognize the opportunities but more importantly are moving to take advantage of the promise of a connected economy.
KnectIQ’s DASB™ provides for secure access and authentication to IoT devices. Imagine the possibilities and insights gained when you have access to deeper and broader information.
Connected care is far more than the real-time, electronic communication between a patient and a provider, including telehealth, remote patient monitoring, and secure email communication between clinicians and their patients. Connected care is the process and pathway to achieve optimal health outcomes and patient safety, personalized medicine and improved therapy performance (medical devices and pharmaceuticals), while lowering the cost of care. KnectIQ’s patent pending protection and connection of identifying data is vital to achieving these goals.
Protecting personally identifiable information (PII) and protected health information (PHI) ensures that the you meet all applicable regulatory and compliance requirements while providing your customers, employees, patients and anyone who integrates or affiliates with you, the peace of mind that their sensitive identifying information is protected from unauthorized access and use. You retain optimal use of any transaction data related to PII/PHI without sacrificing hardened security around any identifying data..
Clinical Trial Data
When collecting and linking identifying information (e.g., subjects’ names, medical record number, etc.) to subjects’ responses (e.g., questionnaire answers), researchers must provide the utmost confidentiality of subject data. The following are current examples of practices that may be implemented to increase the level of confidentiality:
- Use study codes on data documents (e.g., completed questionnaire) instead of recording identifying information and keep a separate document that links the study code to subjects’ identifying information locked in a separate location and restrict access to this document (e.g., only allowing primary investigators access);
- Encrypt identifiable data;
- Remove face sheets containing identifiers (e.g., names and addresses) from survey instruments containing data after receiving from study participants;
- Properly dispose, destroy, or delete study data / documents;
- Limit access to identifiable information;
- Securely store data documents within locked locations; and/or
- Assign security codes to computerized records.
These methods, while useful, still require the storage of a subject’s identifying data linked with the study code. This provides an attractive infosec attack vector for cyber-criminals or unfriendly entities. KnectIQ’s DASB™ eliminates the need to store security credentials containing linked study codes.
Securely access and authenticate your IoT endpoints while enhancing the ability to build a connected ecosystem where only trusted communication occurs. KnectIQ’s DASB™ eliminates the need for expensive key management solutions while eliminating the threat surface created by stored keys and other security credentials.
Wearables include but are not limited to fitness trackers, quantified self devices and smart clothing. Wearable technology risks fall into three main categories:
- InfoSec or Cyber risks. If data transmitted via wearables is not properly secured, companies may face class action lawsuits, costly fines and damage to their reputation.
- Bodily injury risks. Compromised devices can cause injuries, illnesses and even death of wearers or patients. Device manufacturers may face substantial liability.
- Failure to protect identifying data. Companies could be held liable for an economic loss from the failure of a device to protect the wearer’s identity. Jurisdictions such as the European Union (EU) are preparing to level significant fines for this failure to properly handle customer, employee and patient data.
Healthcare providers lack a secure and cost effective way to link any and all of a patient’s health records between and among healthcare providers, electronic medical record platforms, medical devices and quantified self wearables. KnectIQ’s patent-pending de-identifying/re-identifying technology connects any and all of a patient’s protected health information (PHI) without exposing PHI or personally identifiable information (PII). Unlike current solutions, knectIQ accomplishes this without using a coordinating lookup table or data repository that contains a unique key relating to a specific patient. Current lookup tables are vulnerable to a cyber attack as they create an attractive threat vector.
A physician or other caregiver who needs to know the patient’s complete history faces a problem when securely querying different hospitals to find relevant health records. While existing remote access to patient records can be hampered by disparate storage methods, databases, and access protocols, there remains the initial problem of accurately identifying and connecting to all of a patient’s relevant health records. This lack of connection poses a risk to patient safety. Further, protocols using fax machines, despite the best efforts of hospitals to secure the paper, remain extraordinarily vulnerable to accidental exposure and loss of PHI and PII.
Solutions that manage encrypted information transfers by maintaining a repository of decryption keys are only as secure as the ability to protect the keys. Protection schemes that rely on trust certificates face a similar dilemma. Other approaches that rely on a super master patient index to link a patient’s different medical record numbers across health record platforms makes for an attractive infosec attack vector. Finally, tokenization, while effective for one-time use, does not provide a cost effective mechanism for linking patient data across disparate electronic health record platforms.
KnectIQ’s DASB™ solves the problem of securely accessing a specific patient’s health records on any EHR/EMR or health information data repository. Security credentials, PHI and PII are never exposed.
KnectIQ Inc. provides the tools to strengthen existing information security solutions. KnectIQ DASB™ complements and supports existing tools such as white box cryptography, encryption, hashing, tokenization and trust certificates. Finally, KnectIQ’s DASB™ eliminates the need for expensive key management solutions while eliminating the threat surface created by stored keys and other security credentials.
Automakers are rushing to leverage the benefits a connected car solution brings to their customers. One U.S. automaker has built a global development platform which includes content, smartphones and applications. The focus is on building customer experiences with seamless connectivity inside and outside the vehicle. Another U.S. automaker adopted an open platform approach with an API including various types of information from the vehicle.
While automakers are accelerating their efforts, the threat to automotive computer systems grows. Cars can have more than 125 individual software-driven electronic control units (ECU). Inside the connected car, there can be 100 million lines of code, and that number is growing exponentially. These surfaces provide an attractive threat vector for those with malicious intent. The FBI and National Highway Traffic Safety Administration shared a joint formal announcement cautioning drivers of the increased risks that come with connected vehicles. Automakers’ security responses have been to use existing cryptographic tools and processes. These approaches are effective as long as keys, codes and trust certificates are sufficiently secured. However, numerous security lapses in key and certificate protection have been noted.
Consumers want a car that works at every point of interaction — without complications, security attacks or malfunctions. KnectIQ’s patent pending technology provides for secure authentication and protection of vehicle and personal identifying information.
There is increased focus on securing medical devices. Manufacturers are implementing device security teams. The FDA issued guidance on medical device cybersecurity, in part, as a manufacturer’s security obligations do not cease once the product is released into the marketplace. We laud these efforts as they will lead to safer medical devices. Device manufacturers that recognize that security is the first step to realizing the promise of true connected care will realize significant competitive advantages by connecting their data, on an individual patient level, with that of providers and payers.
KnectIQ’s DASB™ provides for secure access and authentication to medical device patient information.
Cybersecurity of energy delivery systems is critical for protecting a nation’s energy infrastructure. Likewise, defense, communication, transportation, banking and finance, water production and delivery are fundamental to a thriving economy and society. Secure authentication and communication to a nation’s infrastructure control systems is increasingly vital in today’s threat environment.
KnectIQ’s DASB™ provides for secure access and authentication to computing devices, IoT devices and wireless control access points.
Machine-to-Machine M2M cybersecurity deals with vulnerabilities and attack vectors of computer-controlled and highly automated environments with restricted or no direct user access or intervention. M2M ecosystems and environments include wireless sensor networks, industrial control systems or smart grid infrastructure and are often based on mission-critical real-time embedded systems that are interconnected using wired (e.g. Ethernet, RS-485) or wireless (e.g. 802.15.4) network standards.
KnectIQ’s DASB™ provides for secure access and authentication in M2M environments across wired or wireless transport layers.