The old telephone party line is back. Now it's called the network."The near-ubiquitous remote availability of information is one of the most compelling advantages of information systems," said Dr. Paul Chang, director of radiology informatics at the
The old telephone party line is back. Now it's called the network.
"The near-ubiquitous remote availability of information is one of the most compelling advantages of information systems," said Dr. Paul Chang, director of radiology informatics at the University of Pittsburgh Medical Center.
Unfortunately, it is also a monumental security liability. Although the probability of attack is slim, the consequences of data loss are huge, he said.
But most people consider security an IT issue, to be solved by throwing more hardware and software at it.
"This is an inaccurate perspective," Chang said. "Any adequate security model transcends devices and technology. It's critical that security be integrated into user workflow."
The problem is that security is boring, in the way that car insurance is boring.
"People want to pay as little as possible for security, then hope they never need it," he said.
Chang discussed network security during a SCAR University session Friday morning, in which he outlined six areas of concern.
· Secure the environment.
"Any guy in a lab jacket can steal a baby or get to your PACS archive and network closet," Chang said.
· Secure the network. Everyone must have a firewall.
· Secure the computer and software. Run antivirus software.
"Beware of laptops, the unfaithful spouses of IT," Chang said.
Laptops are often exposed to the outside world, especially "Trojan horses" left by vendors for backdoor network access.
· Secure the computer. Install patches. Keep the operating system current.
· Secure the data. Consider rights management. Practice disaster recovery.
"E-mail without encryption is insecure, a postcard anyone can see," Chang said.
· Secure the user. Authentication is critical, but overly zealous security schemes may backfire, leading to Post-it notes with passwords stuck to monitors. No guest accounts, and no general user should have administrative rights as delivered in Windows XP.
· Auditing is important.
"How will you know something is wrong if there is no audit trail?" Chang said.
New Study Assesses Long-Term Outcomes of PSMA PET Use in PCa Recurrence Cases
October 24th 2024For patients with biochemical recurrence of prostate cancer, PSMA PET imaging may facilitate a 12.8 percent lower incidence of prostate cancer mortality in contrast to the combination of CT and bone scan, according to long-term outcome estimates from a new decision-analytic modeling study.
Can Diffusion MRI Predict Patient Response to Neoadjuvant Chemotherapy for Breast Cancer?
October 23rd 2024A model emphasizing time-dependent diffusion MRI was 15 percent more effective than apparent diffusion coefficient (ADC) measurements at predicting pathologic complete response to neoadjuvant chemotherapy for women with breast cancer, according to new research.