Hospital IT organizations are challenged with managing and securing diverse hardware and software systems. Further complicating matters, some equipment manufacturers devise unique security solutions, often the result of designing purpose-built solutions based on non-standard or proprietary components. Consequently, determining whether equipment complies with the security policies of the purchasing hospital can be difficult, and it may be more challenging to capitalize on the latest security advancements developed to secure IT infrastructure built with standards-based computing technology.
Organizations are also tasked with reaching consensus on security policy, which can be a challenge due to the conflicting viewpoints and goals of key stakeholders. Security officers tend to advocate locking down systems to better protect the network, while IT managers gravitate toward opening up the network to deliver the best end user experience. Some common ground may be found with a layered security model implemented on standards-based platforms to improve device security and lower hospital IT requirements.