Medical manufacturing, IoT cybersecurity, who’s on the move

September in Northeast Ohio is when weather is perfect, so I'm planning on being outside to enjoy it. Before I head off for the wekened, here are a few industry items to know.

Craig Hahne, VP of strategic relationships, Tsugami/Rem Sales

© Tsugami/Rem Sales

Tsugami/Rem Sales appointed Craig Hahne to the position of vice president of strategic relationships. Hahne’s main focus will be working with strategic accounts, primarily in, but not limited to, the medical machining industry, overseeing Dan Walker, Tsugami/Rem Sales’ director of business development. Together, they will work closely with the Tsugami/Rem Sales engineering, sales, and distribution teams to develop new business relationships and create best fit solutions for end-user customers. The duo will also work directly with Tsugami’s corporate office on product design and technology releases.

Hahne brings more than 30 years of experience in manufacturing to the Tsugami/Rem Sales team. He began his journey in manufacturing by receiving a degree in Machine Tool Technology. Following that, he worked as a CNC machinist, and then programmer, and eventually plant manager before becoming a sales engineer in 2008. In 2015, Craig became the sales manager at Morris Midwest Minnesota and in 2017 was promoted to vice president of sales at Morris Midwest – A Division of Morris Group Inc., where he covered strategy and sales throughout Illinois, Wisconsin, and Minnesota.

“We are very pleased to welcome Craig Hahne to the Tsugami/Rem Sales team. His previous experience allows him an in-depth understanding of the manufacturing industry, Tsugami brand, and Rem Sales culture,” says Michael Mugno, president, Tsugami/Rem Sales LLC. 

Precision ADM receives strategic private investment

Plans are for added manufacturing capacity, quality systems, and materials for production of medical, aerospace parts and engineering services.

Precision ADM Inc. received a strategic U.S. private investment from Andy Christensen and Joe Allison.

Andy, founder and president of Medical Modeling Inc., has spent his entire career focused on developing and expanding the medical applications of additive manufacturing. Medical Modeling was acquired by 3D Systems in 2014 and Andy left 3D Systems in 2015.

“It’s a pleasure to be aligned with Precision ADM, their great team and vision for additive manufacturing,” Andy says. “Additive metals in the orthopedic, spine, and craniomaxillofacial space is in a high growth phase with ample opportunity in serial and patient-matched implants.”

Joe co-founded Solid Concepts in Valencia, California in 1991, leading the 3D printing industry for many years as a parts manufacturer and software provider. Solid Concepts was acquired by Stratasys in 2014, then merged with Harvest Technologies and RedEye to create Stratasys Direct Manufacturing, where most recently Joe served as CEO.

“Precision ADM is well positioned to aggressively expand 3D printing into new medical and aerospace applications,” Joe says. “The executive team has the vision, experience and passion to make a material difference in this industry.”

This investment will provide added capital to further the company’s aggressive growth strategy in the medical device and aerospace sectors, including securing additional manufacturing capacity, quality systems, and material selection for serial production. Additionally, this investment grants the company the ability to further implement Industry 4.0 strategies.

“I am very grateful to Andy and Joe for their investment and their confidence in Precision ADM as they are both true additive manufacturing pioneers in the medical and aerospace industries over the last 25 years,” says Martin Petrak, CEO. “Our customers have already come to expect the highest quality and greatest service from us, and I believe this investment will truly enhance their additive manufacturing experience.”

10 strategies to protect IoT devices

Cyber Security Services finds the majority of Internet of Things (IoT) threats can be mitigated using these 10 risk-reduction strategies.

From medical equipment to smart lighting, building automation to industrial machinery and barcode readers to the electrical grid, they are all connected within the Internet of Things (IoT) and require adequate security controls.

Here are Columbus, Ohio-based Cyber Security Services’ top 10 strategies for IoT devices.

1. Change default passwords. The first step to improving IoT security can seem commonsense yet security consultants run into default passwords all the time. Businesses need to establish and enforce procedures to change default passwords for every IoT device on the network and should be changed after a determined amount of time. Passwords can be stored in a password vault similar to how service accounts and privileged user passwords are protected.

2. Separate the corporate network. Whenever possible, separate the corporate network from vendor managed and unmanaged IoT devices. This might include heating, ventilation, and air conditioning (HVAC) systems, security cameras, temperature control devices, electronic signage, smart televisions, media centers, security digital video recorder (DVRs) and network video recorders (NVRs), network-connected clocks, and network-connected lighting. Use virtual local area networks (VLANs) to separate and keep track of various IoT devices on the network. Apply an Access Control List (ACL) to VLANs or network access ports whenever possible to limit communication to the least amount required for device operation.

3. Prevent IoT devices from communicating with the internet unless absolutely necessary. Many devices run archaic operating systems and many embedded operating systems can be used to reach out to command-and-control locations. Systems can be compromised during the manufacturing process. While it's impossible to completely eliminate an IoT security threat, businesses can prevent IoT devices from communicating outside of the organization unless absolutely necessary.

4. Control which vendors are allowed remote access to IoT devices. To improve IoT security, put controls in place to limit the number of vendors granted remote access to IoT devices. Limit it to those individuals performing tasks under the supervision of knowledgeable employees, which might include access through remote hands, such as WebEx. When remote access is absolutely necessary, ensure those vendors use the same solutions as would in-house personnel.

5. Implement a Network Access Control (NAC) solution. A NAC solution with proper switch and wireless integrations can help an organization improve IoT security by detecting most devices and identifying rogue network connections. It can also apply controls to devices that are not authorized or granted merely limited access to the network.

6. Implement a vulnerability scanner as soon as possible. Vulnerability scanners from commercial vendors are effective in detecting the types of devices connected to a network and are useful tools for organizations looking to enhance their IoT security.

7. Run an Intrusion Detection System (IDS) or Intrusion Prevention System (IPS) on the network. While continually running an IDS or IPS on the network will not detect all malicious network traffic, it can offer a good indication when an IoT device has been compromised should it traverse the IDS/IPS.

8. Ensure proper management of all IoT devices. Proper device management includes patch management at the local device level along with enterprise-wide inventory management. Inventory management will ensure remotely managed devices are cataloged, with records in place detailing registration, configuration, authentication, and other pertinent device data.

9. Restrict internal and external port communication on firewalls. To elevate IoT security, Cyber Security Services recommends that companies prevent outbound communication unless that communication is specifically required.

10. Remove unsupported operating systems, applications, and devices from the network. Conduct an inventory that reveals which operating system a device might be running.

Cyber Security Services is a cyber security consulting firm and security operations center (SOC) headquartered out of Columbus, Ohio. The company provides IoT security solutions, virtual CISO services, penetration testing, security monitoring, cyber security product expertise, and cyber security consulting for clients nationwide.

ICYMI – Catch up on the medical design and manufacturing news you may have missed last week.