Black Hat: Security needs to be attached to the workload and to be multilayered looking at data, network, computing, and users. The enterprise needs to rip a page from the playbook of this medical device company. The company implemented an “onion” strategy, with several layers of protection attached to an individual workload. It uses encryption of data on the device itself to protect the data layer, and the user layer, where access controls allow the company to see who logged in and who logged out, and add password complexity requirements.”]
Source: https://www.darkreading.com/cloud/what-enterprises-can-learn-from-medical-device-security