Hospital computer networks, unlike humans, are not born with immune systems to protect themselves from virus attacks, hackers, or other maladies lurking in cyberspace. Yet networks do not exist in sterile bubbles either. Those in charge of protecting a
Hospital computer networks, unlike humans, are not born with immune systems to protect themselves from virus attacks, hackers, or other maladies lurking in cyberspace.
Yet networks do not exist in sterile bubbles either. Those in charge of protecting a network and its assets - while still providing service - must find the elusive balance between security and user benefit.
Sam Dwyer, Ph.D., a professor of radiology at the University of Virginia, lists several questions that must be answered in planning network security:
?What's being protected?
?What's the value of these assets?
?What vulnerabilities exist?
?Who's most likely to attack and by what methods?
?What would the consequences of a successful attack be?
?What protection is available?
"The depth of detail of network functionality, like the study of human anatomy, can be highly involved," said Thomas Siu, a network analyst at NASA's Glenn Research Center in Brookpark, OH. "Luckily, people don't die in these situations. But when medical care is dependent upon confidentiality, integrity, and availability of information accessed via the network, the management of security risks takes on greater significance."
Siu recommends constructing a network defense system that relies on multiple layers to provide security from threats from outside its perimeter as well as within.
"The security layers of perimeter defense, internal diagnostics, and user practices make up the high-level structure of a very detailed environment that protects the information within the network," he said.
The term 'perimeter defense' implies a firewall, a bastion of defense against outside invaders, Siu said.
"Such a defense consists of multiple systems that work synchronously to enforce an access-control policy, to permit only certain network traffic to pass through the boundary," he said.
With perimeter security, you can either permit all services but deny only specific risky traffic, or you can deny all traffic and permit only specifically allowed traffic. The first policy means users may introduce security risks to the network. The second policy avoids those risks, but users are disempowered, Siu said.
Inside the perimeter, some form of intrusion detection is important.
"It won't do you much good to know how people are likely to break into your network if you don't have a way of knowing when an attack is taking place," Dwyer said.
Stay at the forefront of radiology with the Diagnostic Imaging newsletter, delivering the latest news, clinical insights, and imaging advancements for today’s radiologists.
Study Shows Enhanced Diagnosis of Coronary Artery Stenosis with Photon-Counting CTA
July 10th 2025In a new study comparing standard resolution and ultra-high resolution modes for patients undergoing coronary CTA with photon-counting detector CT, researchers found that segment-level sensitivity and accuracy rates for diagnosing coronary artery stenosis were consistently > 89.6 percent.
FDA Expands Approval of MRI-Guided Ultrasound Treatment for Patients with Parkinson’s Disease
July 9th 2025For patients with advanced Parkinson’s disease, the expanded FDA approval of the Exablate Neuro platform allows for the use of MRI-guided focused ultrasound in performing staged bilateral pallidothalamic tractotomy.