Firewall Wizards mailing list archives
RE: Link from DMZ to Internal Apps
From: "Carl Friedberg" <friedberg () exs esb com>
Date: Mon, 18 Feb 2002 09:34:16 -0500
My limited experience in the healthcare world suggests the starting point, as with all security, is to define your policy, at the highest level. In this field, there are state and federal laws which mandate the security and privacy of any patient-related information (you'll know exactly what this is). If you don't have such a policy in place, doesn't the next accreditation visit focus management concern in this area? (I really don't know). If you do have a policy in place, you will have to get written authorization from the Hospital Board to violate the exisiting security policy. I don't believe you could put all of your inside applications on the outside without exposing some protected patient data... I've had pretty good success with VPNs. There are issues here as well (a client machine on a cable or DSL network getting hacked), but it's not a bad starting point. Just my 2 band-aids. Carl -----Original Message----- From: Guess Who [mailto:yamadog35 () yahoo com]
demands for external access to internal applications.
_______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Link from DMZ to Internal Apps Guess Who (Feb 18)
- Re: Link from DMZ to Internal Apps Marcus J. Ranum (Feb 18)
- Re: Link from DMZ to Internal Apps R. DuFresne (Feb 19)
- Re: Link from DMZ to Internal Apps Rick Smith at Secure Computing (Feb 21)
- <Possible follow-ups>
- RE: Link from DMZ to Internal Apps Carl Friedberg (Feb 18)
- Re: Link from DMZ to Internal Apps Joseph Steinberg (Feb 19)
- Re: Re: Link from DMZ to Internal Apps Uri Lichtenfeld (Feb 19)
- RE: Re: Link from DMZ to Internal Apps Benjamin P. Grubin (Feb 20)
- RE: Re: Link from DMZ to Internal Apps Ames, Neil (Feb 21)
- Re: Link from DMZ to Internal Apps Marcus J. Ranum (Feb 18)