Safe Personal Computing--Lessons for Safe Hospital Computing?

Posted by Clark Venable on 12/15/2004

Bruce Schneier has updated his list of a dozen things Internet users can do to protect themselves. There's no particular reason I can think of that these shouldn't also apply to hospital IT. Does your hospital still use Internet Explorer as its default web browser and Exchange for e-mail? Here are a few of his recommendations that I think should be applied in the hospital setting.


"Operating systems: If possible, don't use Microsoft Windows. Buy a Macintosh or use Linux. If you must use Windows, set up Automatic Update so that you automatically receive security patches. And delete the files 'command.com' and 'cmd.exe.'

Browsing: Don't use Microsoft Internet Explorer, period. Limit use of cookies and applets to those few sites that provide services you need. Set your browser to regularly delete cookies. Don't assume a Web site is what it claims to be, unless you've typed in the URL yourself. Make sure the address bar shows the exact address, not a near-miss.

Passwords: You can't memorize good enough passwords any more, so don't bother. For high-security Web sites such as banks, create long random passwords and write them down. Guard them as you would your cash: i.e., store them in your wallet, etc.

E-mail: Turn off HTML e-mail. Don't automatically assume that any e-mail is from the 'From' address.

Delete spam without reading it. Don't open messages with file attachments, unless you know what they contain; immediately delete them. Don't open cartoons, videos and similar 'good for a laugh' files forwarded by your well-meaning friends; again, immediately delete them.

Never click links in e-mail unless you're sure about the e-mail; copy and paste the link into your browser instead. Don't use Outlook or Outlook Express. If you must use Microsoft Office, enable macro virus protection; in Office 2000, turn the security level to 'high' and don't trust any received files unless you have to. If you're using Windows, turn off the 'hide file extensions for known file types' option; it lets Trojan horses masquerade as other types of files. Uninstall the Windows Scripting Host if you can get along without it. If you can't, at least change your file associations, so that script files aren't automatically sent to the Scripting Host if you double-click them.

Firewall: Spend $50 for a Network Address Translator firewall device; it's likely to be good enough in default mode. On your laptop, use personal firewall software. If you can, hide your IP address. There's no reason to allow any incoming connections from anybody.

Encryption: Install an e-mail and file encryptor (like PGP). Encrypting all your e-mail or your entire hard drive is unrealistic, but some mail is too sensitive to send in the clear. Similarly, some files on your hard drive are too sensitive to leave unencrypted."

