Course Hero Logo

Since there have been multitudes of attacks against

Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 31 - 34 out of 46 pages.

Since there have been multitudes of attacks against the Department of Veterans affairs theyhave begun to ensure the security of their infrastructure. They have decreased these risks
Security Risks32considerably over the past few years. In doing so they recommend the following to others(McCaney, 2012):1.Purchase: Devices should be purchased that have a well-documented security features,can be configured safely to the networks.2.Require:When a purchase is made it should be ensured that there will be vendor supportfor ongoing firmware, patch, and antivirus updates.3.Operate: To operate and function properly there should be an external facing firewall, thenetwork should be monitored regularly especially for intrusions.4.Configure:The access control lists should be properly configured so that it only allowsaccess to the proper personnel, and denies unauthorized personnel.5.Establish:Set upStrict policies for connecting any networked devices, particularlywireless devices, to health information networks.6.Establish:Set up Policies to maintain, review and audit network configurations asroutine activities and when the Medical IT network is changed.7.Use:Utilize the principle of least privilege for determining what accounts need access tospecific functions.8.Implement:Determine safe and effective, but legal, patch and software upgrade policies.9.Secure: Communications channels, particularly wireless ones, through the use ofencryption and authentication at both ends of a communication channel.10.Establish and enforce: Password policies to protect patient information.These are some of the implementations that the department of Veteran Affairs has established toensure the security of their network, medical devices, and robotics.
Security Risks33Chapter 3: Research MethodologyInformation for this paper was gathered in a couple of different ways. One way was areview of incidents that have occurred. Another method of research that was used was throughcase studies that have occurred. The author has talked to individuals that work in the medicalprofession or are in training to become a nurse in the medical profession to see their input, andwhat they do on a day to day basis. Another method used was a pacemaker that had been used bya relative now deceased (the network device for the pacemaker was used, and not the actualpacemaker itself).Hospice nurses travel with tablets and smart phones now instead of paper records. Thesedevices connect wirelessly to the medical site in which they are assigned. With these devicesthere comes the risk of theft, potential unwanted users, packet sniffing, hacking, and malicioussoftware attacks. The device sometimes gets left in the car when the user runs into the store tograb a drink or pay for gas. This allows for the potential theft of the device. When the user is oncall the device is left on a table or counter while the user is waiting to get called out to a site.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 46 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
N/A
Tags

Newly uploaded documents

Show More

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture