In cyberspace, no one can hear you scheme
The old telephone party line is back. Now it's called the network."The near-ubiquitous remote availability of information is one of the most compelling advantages of information systems," said Dr. Paul Chang, director of radiology informatics at the
The old telephone party line is back. Now it's called the network.
"The near-ubiquitous remote availability of information is one of the most compelling advantages of information systems," said Dr. Paul Chang, director of radiology informatics at the University of Pittsburgh Medical Center.
Unfortunately, it is also a monumental security liability. Although the probability of attack is slim, the consequences of data loss are huge, he said.
But most people consider security an IT issue, to be solved by throwing more hardware and software at it.
"This is an inaccurate perspective," Chang said. "Any adequate security model transcends devices and technology. It's critical that security be integrated into user workflow."
The problem is that security is boring, in the way that car insurance is boring.
"People want to pay as little as possible for security, then hope they never need it," he said.
Chang discussed network security during a SCAR University session Friday morning, in which he outlined six areas of concern.
· Secure the environment.
"Any guy in a lab jacket can steal a baby or get to your PACS archive and network closet," Chang said.
· Secure the network. Everyone must have a firewall.
· Secure the computer and software. Run antivirus software.
"Beware of laptops, the unfaithful spouses of IT," Chang said.
Laptops are often exposed to the outside world, especially "Trojan horses" left by vendors for backdoor network access.
· Secure the computer. Install patches. Keep the operating system current.
· Secure the data. Consider rights management. Practice disaster recovery.
"E-mail without encryption is insecure, a postcard anyone can see," Chang said.
· Secure the user. Authentication is critical, but overly zealous security schemes may backfire, leading to Post-it notes with passwords stuck to monitors. No guest accounts, and no general user should have administrative rights as delivered in Windows XP.
· Auditing is important.
"How will you know something is wrong if there is no audit trail?" Chang said.
What a New Mammography Study Reveals About BMI, Race, Ethnicity and Advanced Breast Cancer Risk
December 8th 2023In a new study examining population attributable risk proportions (PARPs) based on data from over three million screening mammography exams, researchers found that postmenopausal Black women had the highest BMI-related PARP and premenopausal Asian and Pacific Islander women had the highest breast density-related PARP for advanced breast cancer.
Study: Contrast-Enhanced Mammography Changes Surgical Plan in 22.5 Percent of Breast Cancer Cases
December 7th 2023Contrast-enhanced mammography detected additional lesions in 43 percent of patients and led to additional biopsies in 18.2 percent of patients, over half of whom had malignant lesions, according to a study of over 500 women presented at the recent Radiological Society of North America (RSNA) conference.
