Our Approach

While you could go through the trouble of pulling together open source crypto libraries, certificate authority APIs, and monitoring solutions, or even write some of your own from scratch, we believe the MedCrypt platform offers a better alternative. We abstract away the complexity of integrating open source crypto libraries with PKI and monitoring infrastructure and provide simple API calls for key provisioning, certificate generation, data security ops, and monitoring.

We solve this problem by providing our customers with a configuration driven library that exposes a simple API to properly implement data security operations, crypto library versioning/vulnerability tracking, key management, and device behavior monitoring. The features our solution provides also happen to cover all of the FDA’s new requirements for data security in medical devices. These requirements place special emphasis on proper data encryption, signature verification, intrusion detection, and vulnerability monitoring.

Medical device vendors can use our C and C++ libraries, plus bindings for NodeJS, Java, C# .NET, etc., to implement the required data security functions and monitoring in their embedded and capital equipment systems more quickly and easily than building this in-house. Also, our behavior-monitoring baselines are developed using the data from multiple classes of medical devices from multiple vendors, giving our customers access to a dataset larger than they’d be able to build on their own.

Learn the background information on good security practices in the next section.