Brainlab Buzz 2.0 System And Technical User Manual page 18

Software Environment
Cybersecurity Use Environment
Cybersecurity considerations were made in accordance with the nature of the device, including
the device type and the following use environments of the platform(s) during its lifetime. The
following common best practice security controls ("security hygiene") in the use environment are
expected to be followed. Independently of the status of the platform (powered / not-powered):
• Good physical security to prevent unauthorized physical access to the platform.
If the platform is powered on, the following additional security controls are expected to be
followed:
• Access control measures (e.g., role based) to ensure only authenticated and authorized
personnel are allowed access to network elements, stored information, services and
applications.
• Network access controls, such as segmentation, to limit medical device communication.
• General patch management practices that ensure timely security patch updates on adjacent
devices in the use environment. For the patch management of the platform, see the information
under Software Environment in this user guide.
• Malware protection to prevent unauthorized code execution on adjacent devices in the use
environment. For the malware protection of the platform, see the information under Software
Environment in this user guide.
• Ensure that prescribed maintenance is done as required, including installation of security
patches.
• Security awareness training of the users.
Using the device outside of the intended operating environment may lead to cybersecurity
incidents that may affect safety and effectiveness of the device
18 System and Technical User Guide Rev. 1.2 Buzz Ver. 2.0