Our client is Fortune 100 Medical Device manufacturer. SPKAA acts as a product cybersecurity managed service provider for their hospital products which have embedded Windows or Windows OS.
Fortune 100 MedDevice Problem
For over 10 years, SPK has provided ongoing technology-managed services to the manufacturer’s R&D team. Specifically, we have implemented and supported all the networking and systems technology for the division’s products. As part of this service, SPK proactively monitors and addresses FDA and DoD cybersecurity requirements for the products.
With around 46,500 employees, this client specializes in medical devices and medical-surgical equipment such as advanced digital healthcare, sterilization equipment, emergency care data solutions, image-guided therapies, surgical visualization tools and so much more.
Our med device client wanted to sell their commercial device to the DOD and get through their authorization process. This required them to strip some functionality and implement required DOD controls.
Without SPK’s cybersecurity managed services, the company would have to hire outside consultants or new team members to meet the requirements. This would be more inefficient and costly.
Creating A Plan To Improve Cybersecurity
Our client’s Director of R&D and the Product Manager engaged SPK for our expertise in cybersecurity, networks, and operating systems to help implement the DoD requirements.
We appointed two team members to collaborate with the client. First, they needed to specifically define the security requirements. Second, they had to identify how they could be implemented onto the device.
Throughout the collaboration, SPK stepped in to cover any knowledge gaps. These included installing and configuring the required security software onto the device and troubleshooting any broken functionality as a result.
Accelerated MedDevice product sale
Removed additional developer labour
Successful cybersecurity troubleshooting
The Solution
Once the plan was finalized, our team helped integrate and troubleshoot the cybersecurity tools and DISA security settings. These included providing remedial action for the following resultant issues and bugs.
- Loss of device control after reboot;
- Security software blocking execution of device functions;
- Windows updates failing to apply;
- System crashes.
Through this remedial action, we successfully:
- Implemented security tools and best practices including whitelisting software, anti-virus, disk encryption, windows updates, and vulnerability scans onto the medical devices
- Reduced the risk of being denied authorization.
- Implemented DISA STIGs and Operating System Security Baselines.
Through our long-term Engineering Operations managed services relationship with this client, we are able to seamlessly address and troubleshoot these kinds of issues over time. This means that as the issues arise, we are primed to quickly understand the problem and accelerate the path to a successful resolution.
The Results
Through great communication and collaboration, SPK helped to quickly implement the DoD cybersecurity requirements and troubleshoot any broken functionality as a result.
SPK helped the client achieve:
- Cost savings – We were able to reduce the cost of investment for the client by immediately and quickly addressing the problems. This allowed the company to sell their product to the military buyer within a shorter time frame.
- Client Engineering time savings – We were able to find solutions to interoperability issues without needing to use the client’s software developer team’s time or wait for vendor feedback.
- Quality improvements – We helped troubleshoot bugs while maintaining high-security standards.
If you would like support navigating or implementing cybersecurity with your medical device, you can contact our team here for a no-obligation discussion.
We are delighted with the support SPK’s team have provided us for more than a decade. There’s a reason why we continue to trust SPK. They keep us, our products, our clients and our end customers safe. Their team really are the experts for MedDevice cybersecurity.
With their support we successfully completed the sale of our product in less time, with less cost investment and still maintained the exceptionally high cybersecurity standards that our brand is recognized for. Thank you SPK.
Get a no-obligation initial assessment
Whether you’re trying to solve technical problems, implement new technology tools and strategies, or improve efficiency, SPK and Associates can be a key part of your strategy. We can provide a free, no-obligation initial assessment on almost any technology or engineering situation. Contact us today at (888) 310-4540 or info@spkaa.com.