Partner of project SPHINX – Universal Cybersecurity Toolkit for Healthcare Organisations, EDGE has been the leading responsible for the development of the SPHINX Third-Party Interface that enables third-parties to access the SPHINX System. With strong authentication, authorisation and encryption mechanisms, the SPHINX Third-Party Interface exposes the advanced SPHINX cybersecurity functionalities to third-party components, systems, applications and devices, in order to assess their fulfilment of the best SPHINX cybersecurity practices before integrating these assets into the IT infrastructure monitored by the SPHINX System.
Based on a programmatic interface, suppliers of medical devices or specialised clinical software may access the SPHINX System’s available services to validate whether their devices and solutions are compatible with the high cybersecurity protection levels of the SPHINX System, thus receiving a SPHINX certificate. In the situations where the SPHINX System identifies cybersecurity vulnerabilities in the assessed devices, systems and applications, the SPHINX Third-Party Interface delivers a detailed report with the proposed action plan to be followed by the suppliers so that their products and solutions may become trusted assets and integrate the technological ecosystem under the SPHINX System cybersecurity watch.
Through the SPHINX Third-Party Interface, new devices, systems and applications may interact with several SPHINX components, in a controlled environment that does not disrupt the normal operation of the whole technological infrastructure. Amongst the several SPHINX components with which the new assets interact, there are the traffic monitoring, the anomaly detection, the cybersecurity events and incidents management, the homomorphic encryption, the anonymity and privacy component, the sandbox system and the register of cybersecurity events using blockchain technologies.
EDGE intends to explore the opportunity to monetise the SPHINX Third-Party Interface, offering device, system and applications validation and certification before their integration in a SPHINX ecosystem, as well as allowing third-party specialised suppliers to extend and improve SPHINX’s cybersecurity functionalities, including by adding new added-value functions to the SPHINX System.