Le dilemme de BYOD
par Brendon Nafziger, DOTmed News Associate Editor | January 11, 2013
From the January 2013 issue of HealthCare Business News magazine
One security tool mentioned by Greene is virtualization, where personal devices have virtual access to electronic health records or enterprise email systems, but nothing is stored on the phone itself. If it gets lost or stolen, crooks can’t pull the information off the phone’s memory – it simply isn’t there. Other techniques for protecting phones owned by both the user and the institution include locking or wiping phones after 10 failed password attempts (the stronger the password, the more attempts permissible) to “timeouts” where phones require the password to be put in again after being idle.
As for Halamka’s hospital, BIDMC, it has rolled out a two-phase BYOD strategy. This year it has been using Microsoft Active Sync to “enforce encryption, password protection and timeouts on smartphones,” Halamka told DOTmed News in an email. Active Sync, an earlier version of Windows Mobile Device Center, synchronizes a mobile device with a Windows-based computer. Halamka said the hospital also paid for the encryption of more than 1,000 of its own laptops using Mac OSX and Windows 7 encryption tools, as well as McAfee Endpoint and self encrypting drives.
Of course, the hospital also launched a three-month intensive training program, and a “major educational campaign for all staff that includes advice and assistance” on encrypting devices in their homes. Next fiscal year, Halamka said they’ll work on technology to limit remote access and downloading, and promote two-factor authentication.
In the vault
For hospitals that choose to let employees use their own phones to access sensitive networks, it’s critical to make sure they’re protected against hacks and intrusions. For instance, consumer apps on unprotected phones can represent a safety risk if they become corrupted or allow backdoor access to cyber criminals.
“For the health care providers, it’s a new horizon,” Ken Gosselin, with Good Technology, a Sunnyvale, Calif.-based company that makes mobile security software, told DOTmed News. “From an IT perspective they’re asking all the same questions, how can an iPhone have business and corporate-liable information on it and keep it safe?”
For its part, Good provides technology that virtually walls off sensitive applications or data from the rest of the device, in a process they call containerizing. Segregating health care data from other applications can help prevent dodgy apps or, say, an infected copy of Fruit Ninja from compromising protected information.
“That application is completely containerized, it’s essentially locked in a vault digitally,” Gosselin said. Good said it has over a dozen health care customers, including big institutions like NYU Langone Medical Center in Manhattan and University Hospitals.
One security tool mentioned by Greene is virtualization, where personal devices have virtual access to electronic health records or enterprise email systems, but nothing is stored on the phone itself. If it gets lost or stolen, crooks can’t pull the information off the phone’s memory – it simply isn’t there. Other techniques for protecting phones owned by both the user and the institution include locking or wiping phones after 10 failed password attempts (the stronger the password, the more attempts permissible) to “timeouts” where phones require the password to be put in again after being idle.
As for Halamka’s hospital, BIDMC, it has rolled out a two-phase BYOD strategy. This year it has been using Microsoft Active Sync to “enforce encryption, password protection and timeouts on smartphones,” Halamka told DOTmed News in an email. Active Sync, an earlier version of Windows Mobile Device Center, synchronizes a mobile device with a Windows-based computer. Halamka said the hospital also paid for the encryption of more than 1,000 of its own laptops using Mac OSX and Windows 7 encryption tools, as well as McAfee Endpoint and self encrypting drives.
Your Trusted Source for Sony Medical Displays, Printers & More!
Ampronix, a Top Master Distributor for Sony Medical, provides Sales, Service & Exchanges for Sony Surgical Displays, Printers, & More. Rely on Us for Expert Support Tailored to Your Needs. Email info@ampronix.com or Call 949-273-8000 for Premier Pricing.
Of course, the hospital also launched a three-month intensive training program, and a “major educational campaign for all staff that includes advice and assistance” on encrypting devices in their homes. Next fiscal year, Halamka said they’ll work on technology to limit remote access and downloading, and promote two-factor authentication.
In the vault
For hospitals that choose to let employees use their own phones to access sensitive networks, it’s critical to make sure they’re protected against hacks and intrusions. For instance, consumer apps on unprotected phones can represent a safety risk if they become corrupted or allow backdoor access to cyber criminals.
“For the health care providers, it’s a new horizon,” Ken Gosselin, with Good Technology, a Sunnyvale, Calif.-based company that makes mobile security software, told DOTmed News. “From an IT perspective they’re asking all the same questions, how can an iPhone have business and corporate-liable information on it and keep it safe?”
For its part, Good provides technology that virtually walls off sensitive applications or data from the rest of the device, in a process they call containerizing. Segregating health care data from other applications can help prevent dodgy apps or, say, an infected copy of Fruit Ninja from compromising protected information.
“That application is completely containerized, it’s essentially locked in a vault digitally,” Gosselin said. Good said it has over a dozen health care customers, including big institutions like NYU Langone Medical Center in Manhattan and University Hospitals.
You Must Be Logged In To Post A CommentRegistreL'inscription est gratuite et facile. Aproveite os benefícios dos principais produtos novos e inovadores do mundo. Mercado de equipamentos médicos usados. Inscrivez-vous maintenant ! |
|
