National Security and Personal Privacy – Both Are Possible
Do visitors to your medical office use smartphones? Even though you’ve posted ‘Please turn off your phone’ signs nearly everywhere? You’re not alone. Most health care organizations find themselves competing with technology for peoples’ attention.
Of course, patients aren’t the only ones clicking, searching, scanning and snapping in medical settings. Nurses, doctors, assistants, vendors – nearly every human in the joint has a device. As a result, more connected devices are in use within health care provider settings, wirelessly sending and receiving data day and night.
What’s more, medical devices used to diagnose and treat patients are often doing the same – sending and receiving data through what can be incredibly vulnerable networks and systems.
While visiting my own doctor recently, I decided to search for such devices using a free Wi-Fi access finder app I have downloaded on my smartphone. I was not surprised to find more than a dozen wireless medical devices and associated controlling systems in my immediate area. I was troubled, however, to find not one was using encryption, nor did any of them require the use of passwords. I could also see network names and data being sent within the facility’s wireless network – all through these dozen or so devices and systems.
When my doctors came into the room, I asked if the facility had good security on its devices and networks. Here again, the answer did not surprise me:
“We have a great information security department, so I’m sure we do.”
I showed them what I’d found and explained that if I had been a hacker, I could have accessed all the data on those devices and sent it to some unknown and far-away cloud server. They were scared to learn anyone within range could, at that very moment, be getting away with that very malicious act completely undetected.
“We’ll discuss this with our data security officer.”
And that’s a great first step. But, as we all know, staying on top of the risks, threats, patches, upgrades, and innovations that keep an organization cyber safe is a daunting task. Quite frankly, it’s too much for a single data security officer. That is why we developed SIMBUS360.com – to simplify risk management and compliance, ultimately making cybersecurity risks and related threats much easier to mitigate.
Related posts
