Re: [article] The iPad in the Hospital and Operating Room

[phester <funsec () armorfirewall com>]

On Thu, 20 Jan 2011, Paul Ferguson wrote:

> On Thu, Jan 20, 2011 at 2:09 PM, Shawn Merdinger <shawnmer () gmail com> wrote:
>
> > http://www.healthcareitscope.com/ipad-hospital-operating-room/
> >
> > "It can also be useful in bypassing hospitals’ restrictive networks to
> > access remote files and office electronic medical records (EMRs) using
> > the cellular 3G networks."
>
> Great. Those pesky, restrictive hospital networks are restrictive for
> a reason, methinks.
>
> This opens a whole new level of FAIL.

Yeah, but it illustrates an universal issue. If users can't do what they 
want over the network, they'll find a way around it.

Look at stuxnet. The iraniacs had their nuke plants air-gapped, which 
meant users had no way to move files across the network. To do their jobs, 
they needed files, so it was a slam-dunk that USB drives would be a good 
vector.

Your network design must support function. When security impairs function, 
the security becomes a problem, and users will do what it takes to solve 
the problem.

Said hospitals need to find a way to provide function securely. Solutions 
are out there.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.