Control all user activities of unique identities
Secure and controlled remote maintenance of medical devices
Protection against exploitation of privileged rights in information systems
VISULOX supports institutions in the health sector to securely shape the digital transformation.
The protection of human life is paramount. In critical infrastructures as well as regional facilities, outpatient and full inpatient. The prioritisation of cyber security and the integration of technical measures into digitalisation strategies present organisations with regulatory, contractual and practical challenges in their daily work.
Secure Remote Support for hospital IT and medical devices
Since the introduction of the IT Security Act by the BSI and the KRITIS Ordinance 2015 KRITIS houses, hospital facilities have been facing enormous technical and organisational challenges in order to implement the industry-specific security standards. Due to the introduction of § 75c SGB V, this also affects non-KRITIS-relevant hospital facilities since 2022.
Experience and audit results show that the protection of pure IT landscapes is increasing, while medical networks, large medical devices and networked medical products in OT infrastructures, are still treated stepmotherly.
The reason for this lies in the legal requirements such as compliance with regulations according to the Medical Devices Act and Ordinance.
Likewise, manufacturer specifications and historically grown structures and system landscapes make it difficult to clearly separate the networks and access them from the outside. All these factors prevent the implementation of legal requirements - even though threats are acute.
VISULOX manages all access to the entire medical equipment in the hospital, which is accessible via TCP/IP. Secure, documented and according to its own defined standards, by internal and external staff.
Detached from separate network segments, operating platform or software used, it is possible to implement the technical requirements and comply with all documentation obligations. VISULOX enables seamless control of all information that enters or leaves the network.
VISULOX Remote Support is a central portal for all external access options for service providers and third parties without exception. Control here who can access what and when, and enable remote access with confidence.
Acting quickly in an emergency
The worst-case scenario of a total blackout of an entire clinical facility is not fiction, but reality. This is demonstrated by recent examples of German university hospitals and regional providers. An infestation with ransomware, which renders entire infrastructures incapable of action for days and weeks, is one of the most serious cyber threats of our time.
The maintenance of medical care
Who did what, when, where and why. Answer it.
Any ransomware infestation or malicious code execution is due to unauthorised high privileged rights being abused and escalated.
In the event of encryption of operational infrastructures and the associated loss of hospital information systems or other critical assets, such as the PACS or RIS, complete documentation of all activities and the possibility of reconstruction is vital for survival.
Both live data, who is currently in the system, and historical information (who did what where and when in the internal network) provide the essential basis for processing in the event of a cyber attack.
In an emergency, remove all users from the infrastructure without exception at the push of a button or start root cause analysis based on recorded user activities with unique user IDs, transferred data in specific time periods or defined event logs.
VISULOX Remote Support offers central and complete documentation of all activities by (external) employees, service providers or third parties. The top priority is to eliminate errors, but this reliable information also provides a basis for clarifying the question of guilt and actively avoiding errors in the future.
Automotive And Manufacturing
Logical safety zones in the productions protect and document
Securely design and document access to assets in R&D areas
Service provider control and complete documentation of activities
VISULOX supports critical asset protection and access control within OEM and supplier digital ecosystems.
OEMs and automotive suppliers face the challenge that trade secrets must withstand competitive pressure and technological advances must be maintained. Access to and transfer of sensitive data by internal and external employees or third parties requires complete documentation for protection.
Compliance and regulatory requirements
The automotive industry is undergoing a transformation into a completely digitalised, networked ecosystem. Vehicles and IOT devices will be networked with each other - traffic lights, parking spaces, vehicles and co. will communicate with each other.
These new technologies can improve safety, comfort and even environmental friendliness. However, the prerequisite for this is that we humans can trust this smart, dynamic ecosystem. For the automotive industry, this means, among other things, that the supply chains between manufacturers and suppliers must function without friction.
VISULOX is designed to fulfil large parts of the compliance requirements of regulatory frameworks, always in accordance with the latest standards. The focus is on clean client separation and controlled access to assets that require protection, because identity and access management are the basis of cyber security.
Contact us for a complete and detailed mapping of all individual measures of relevant industry standards that VISULOX supports and complies with.
Remote Support & Maintenance of production facilities
Safe Remote Support and maintenance are the basis for maximum efficiency and plant availability in networked production. Priority is given to strong authentication, unique identification of the user, the lowest possible number of authorisations and complete documentation of activities.
VISULOX enables all accesses of internal and external employees to every production plant accessible via TCP/IP in the entire production, securely, documented and according to individually defined standards.
Dedicated application releases in combination with the mandatory release of data that enters the network from outside through third parties significantly reduce the risk level.
Test data and live information can be transferred precisely and, if required, visually documented to the control systems of production machines.
VISULOX serves networked service providers in the system as a portal for all user access and file transfers that require attention and protection in the course of information security.
Energy and supply
Controlled and documented access to SCADA systems and industrial core components
Automated documentation of activities in critical network segments
Elimination of function accounts and anonymous users