Safe Personal Computing--Lessons for Safe Hospital Computing?
Posted by Clark Venable on 12/15/2004
Bruce Schneier has updated his list of a dozen things Internet users can do to protect themselves. There's no particular reason I can think of that these shouldn't also apply to hospital IT. Does your hospital still use Internet Explorer as its default web browser and Exchange for e-mail? Here are a few of his recommendations that I think should be applied in the hospital setting.
"Operating systems: If possible, don't use Microsoft Windows. Buy a Macintosh or use Linux. If you must use Windows, set up Automatic Update so that you automatically receive security patches. And delete the files 'command.com' and 'cmd.exe.'
Browsing: Don't use Microsoft Internet Explorer, period. Limit use of cookies and applets to those few sites that provide services you need. Set your browser to regularly delete cookies. Don't assume a Web site is what it claims to be, unless you've typed in the URL yourself. Make sure the address bar shows the exact address, not a near-miss.
Passwords: You can't memorize good enough passwords any more, so don't bother. For high-security Web sites such as banks, create long random passwords and write them down. Guard them as you would your cash: i.e., store them in your wallet, etc.
E-mail: Turn off HTML e-mail. Don't automatically assume that any e-mail is from the 'From' address.
Delete spam without reading it. Don't open messages with file attachments, unless you know what they contain; immediately delete them. Don't open cartoons, videos and similar 'good for a laugh' files forwarded by your well-meaning friends; again, immediately delete them.
Never click links in e-mail unless you're sure about the e-mail; copy and paste the link into your browser instead. Don't use Outlook or Outlook Express. If you must use Microsoft Office, enable macro virus protection; in Office 2000, turn the security level to 'high' and don't trust any received files unless you have to. If you're using Windows, turn off the 'hide file extensions for known file types' option; it lets Trojan horses masquerade as other types of files. Uninstall the Windows Scripting Host if you can get along without it. If you can't, at least change your file associations, so that script files aren't automatically sent to the Scripting Host if you double-click them.
Firewall: Spend $50 for a Network Address Translator firewall device; it's likely to be good enough in default mode. On your laptop, use personal firewall software. If you can, hide your IP address. There's no reason to allow any incoming connections from anybody.
Encryption: Install an e-mail and file encryptor (like PGP). Encrypting all your e-mail or your entire hard drive is unrealistic, but some mail is too sensitive to send in the clear. Similarly, some files on your hard drive are too sensitive to leave unencrypted."
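The masquerading that the 'hide file extensions for known file types' advice guards against, shown as an added Python example that is not part of the original post or of Schneier's list: it computes the name a user sees with the option on and flags attachments whose real type is executable or script. The extension list, function names and sample filenames are assumptions constructed for illustration.

```python
import ntpath

# Extensions Windows runs directly or hands to the Scripting Host on
# double-click. Illustrative subset chosen for this example, not a full list.
RISKY_EXTENSIONS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd",
                    ".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh"}


def displayed_name(filename, hide_known_extensions=True):
    """Name shown to the user; models hiding only for the risky types above."""
    base = ntpath.basename(filename)
    stem, ext = ntpath.splitext(base)
    if hide_known_extensions and ext.lower() in RISKY_EXTENSIONS:
        return stem
    return base


def masquerades(filename):
    """True when a risky file would display as some other file type."""
    stem, ext = ntpath.splitext(ntpath.basename(filename))
    if ext.lower() not in RISKY_EXTENSIONS:
        return False
    # With the real extension hidden only the stem is visible. If the stem
    # itself ends in an extension (even behind padding spaces), the user
    # sees something like "invoice.pdf" for what is really a program.
    _, shown_ext = ntpath.splitext(stem.rstrip(" "))
    return bool(shown_ext)


def flag_attachments(filenames):
    """Return (real name, displayed name) for every masquerading attachment."""
    return [(name, displayed_name(name)) for name in filenames if masquerades(name)]


# Constructed sample attachment names.
SAMPLE = ["invoice.pdf.exe", "holiday.jpg      .scr", "funny_cartoon.txt.VBS",
          "setup.exe", "notes.txt", "report.pdf"]

if __name__ == "__main__":
    for real, shown in flag_attachments(SAMPLE):
        print(f"shown as {shown!r} but is really {real!r}")
```

With the option turned off, `displayed_name(name, hide_known_extensions=False)` returns the full name, which is the effect the quoted advice is after.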