• AI
  • Molecular Imaging
  • CT
  • X-Ray
  • Ultrasound
  • MRI
  • Facility Management
  • Mammography

In cyberspace, no one can hear you scheme

Article

The old telephone party line is back. Now it's called the network."The near-ubiquitous remote availability of information is one of the most compelling advantages of information systems," said Dr. Paul Chang, director of radiology informatics at the

The old telephone party line is back. Now it's called the network.

"The near-ubiquitous remote availability of information is one of the most compelling advantages of information systems," said Dr. Paul Chang, director of radiology informatics at the University of Pittsburgh Medical Center.

Unfortunately, it is also a monumental security liability. Although the probability of attack is slim, the consequences of data loss are huge, he said.

But most people consider security an IT issue, to be solved by throwing more hardware and software at it.

"This is an inaccurate perspective," Chang said. "Any adequate security model transcends devices and technology. It's critical that security be integrated into user workflow."

The problem is that security is boring, in the way that car insurance is boring.

"People want to pay as little as possible for security, then hope they never need it," he said.

Chang discussed network security during a SCAR University session Friday morning, in which he outlined six areas of concern.

· Secure the environment.
"Any guy in a lab jacket can steal a baby or get to your PACS archive and network closet," Chang said.

· Secure the network. Everyone must have a firewall.

· Secure the computer and software. Run antivirus software.
"Beware of laptops, the unfaithful spouses of IT," Chang said.
Laptops are often exposed to the outside world, especially "Trojan horses" left by vendors for backdoor network access.

· Secure the computer. Install patches. Keep the operating system current.

· Secure the data. Consider rights management. Practice disaster recovery.
"E-mail without encryption is insecure, a postcard anyone can see," Chang said.

· Secure the user. Authentication is critical, but overly zealous security schemes may backfire, leading to Post-it notes with passwords stuck to monitors. No guest accounts, and no general user should have administrative rights as delivered in Windows XP.

· Auditing is important.
"How will you know something is wrong if there is no audit trail?" Chang said.

Recent Videos
Emerging Research at SNMMI Examines 18F-flotufolastat in Managing Primary and Recurrent Prostate Cancer
Could Pluvicto Have a Role in Taxane-Naïve mCRPC?: An Interview with Oliver Sartor, MD
New SNMMI President Cathy Cutler, PhD, Discusses Current Challenges and Goals for Nuclear Medicine
Where the USPSTF Breast Cancer Screening Recommendations Fall Short: An Interview with Stacy Smith-Foley, MD
A Closer Look at MRI-Guided Transurethral Ultrasound Ablation for Intermediate Risk Prostate Cancer
Improving the Quality of Breast MRI Acquisition and Processing
Can Fiber Optic RealShape (FORS) Technology Provide a Viable Alternative to X-Rays for Aortic Procedures?
Does Initial CCTA Provide the Best Assessment of Stable Chest Pain?
Making the Case for Intravascular Ultrasound Use in Peripheral Vascular Interventions
Can Diffusion Microstructural Imaging Provide Insights into Long Covid Beyond Conventional MRI?
Related Content
© 2024 MJH Life Sciences

All rights reserved.