KLAS: Evaluating Top Healthcare IoT Security Vendors

Medigate, Ordr, and Armis are among the most considered and adopted healthcare Internet of Things (IoT) security vendors in 2022, according to a new KLAS report. Healthcare IoT solutions can help organizations increase connected device visibility and manage security risks.

KLAS evaluated healthcare IoT security vendors based on interviews with healthcare professionals and data on what vendor solutions are commonly considered, replaced, and purchased.

Medigate, which Claroty acquired in January 2022, was the most considered and most purchased by prospective customers, primarily due to the platform's functionality, integration, and intuitive interface. Surveyed prospective customers who did not choose Medigate mainly attributed the decision to cost.

Ordr’s customers consisted of large health systems that used the platform “to do more than simply see what devices are connected to their network—they also track device utilization, identify abnormal device activity, and monitor traffic,” the report said.

Customers reported mixed feedback surrounding integration, but many cited Ordr’s training and education as selling points, along with its improved interface.

Although KLAS interviewed a limited number of Armis customers, the report noted that Armis grew quickly and recently signed contracts with larger healthcare organizations. Interviewed customers said they received support without additional fees, and those who did not choose Armis cited other vendors’ healthcare-specific solutions.

The KLAS report observed that increased device visibility is no longer enough to satisfy customers.

“Many healthcare internet of things (IoT) security solutions give organizations visibility into connected devices, but the most effective solutions also help actively reduce the risk associated with those devices,” the report stated.

Other assessed vendors included Palo Alto Networks, Asimily, CyberMDX, Cylera, Cynerio, and Sensato.

Palo Alto Networks, which offers an enterprise solution that integrates IoT security with other security controls, was highly considered by most customers. However, Palo Alto Networks lagged in terms of customer satisfaction. Since the vendor acquired Zingbox in 2019, customers have reported slower response times.

“A few dissatisfied respondents report challenges with functionality, such as a high number of unmatched devices, a difficult learning curve, and stagnant post-acquisition development,” the report noted.

“Respondents also note limited or complicated integration with various systems (e.g., firewalls, scanners, and the ticketing system). Frustration with device-discovery functionality has prompted multiple customers to replace or consider replacing Palo Alto Networks.”

Along with software solutions, KLAS observed healthcare organizations engaging with services firms to manage IoT security risks. Interviewed decision-makers are increasingly looking to First Health Advisory, CynergisTek, and Fortified Health Security to manage risk.

The report revealed telling trends about the current state of healthcare IoT security. Healthcare organizations continue to grapple with medical device and connected device security challenges, including a lack of device visibility.

In addition, legacy devices and software vulnerabilities are accessible and appealing targets for threat actors. Healthcare organizations should prioritize healthcare IoT risk management to maintain security.