Upload MDS2 files that IoT Security can use to detect vulnerabilities and security alerts in medical IoT
Note: The Administration > MDS2 page only appears when IoT Security detects IoT devices that belong to the Medical category on the network.
Medical device vendors often release Manufacturer Disclosure Statement for Medical Device Safety (MDS2) forms. These list the security-related features of their products. Vendors issue MDS2 documents for each version of a medical device and include information such as whether a device processes PHI (personal health information); if it stores PHI and, if so, if it's encrypted; and if antivirus software is installed on the device.
On Administration > MDS2, you can upload MDS2 files to IoT Security so it will consider the information they contain together with environmental factors when assessing device risk. On this page, you can view uploaded files, download them, and remove them. You can also download a complete list of all uploaded MDS files or a list of one or more selected files.
To upload a file, click the
icon ( ), navigate to an MDS2 file in PDF format, and then select and upload it.
IoT Security matches the uploaded MDS2 file with devices that share the same model, vendor, and profile as those specified in the file. Although you can upload an MDS2 file on the Device Details page, IoT Security only applies the MDS2 file to that individual device. On the other hand, if you upload an MDS file on the MDS2 page, IoT Security searches its inventory for all devices with the same model, vendor, and profile attributes and applies the MDS2 file to all matched devices. Furthermore, if new devices are added to the inventory later, IoT Security will apply the MDS2 file to those devices as well.
Clicking a number in the Matched Device column opens the Devices page with a filter applied to show just those devices that match the MDS2 file.
The number in the Matched Device column on the MDS2 page is the total for all sites. If you have administrative access to device data for a subset of sites, the number of matched devices on the Devices page might be smaller than the number on the MDS2 page.
To view some details about an MDS2 file, click the entry in the File Name column. An information panel slides open on the right side of the main window listing the three attributes that IoT Security uses to map the MDS2 file to devices. Below this, it lists several key points about the device, the document, and security.
If you notice any inaccuracies among the device mapping rule values, it’s possible that text alignment issues in the PDF caused the characters to be parsed incorrectly. As a result, IoT Security wouldn’t be able to match the MDS2 file with any devices. In such cases, click
to the right of Device Mapping Rule, modify the text as necessary, and then click
In addition to the values in the Device Mapping Rule, you can edit other attributes in the MDS2 file if they were parsed incorrectly as well. Whenever you click
—either for changes to Device Mapping Rule or Data from MDS2 File—IoT Security immediately removes any previous matches for the MDS2 document and runs the matching process again.
To view an entire MDS2 file in PDF format, click
Show PDF
in the information panel.
To download the PDF, click the
icon ( ) at the top of the PDF viewer.
To close the information panel (and PDF viewer if it’s also open), either click the X in the upper right corner or click the file name again.
To download a list of all uploaded MDS2 files in a .csv file, click the
icon ( ) above the MDS2 table. To download a list of one or more MDS2 files in a .csv file, select check boxes of the ones you want to download and then click
To delete one or more previously uploaded MDS2 files, select the check boxes of the files to delete and then click

Recommended For You