Security expert Bruce Schneier pulls out an interesting excerpt from an essay “When Security Gets in the Way” that is sparking great discussion on his Schneier on Security blog. The essay, from Don Norman’s jnd site, debates security vs. usability, and addresses design considerations for enterprise security systems. This article captures important concerns often discussed in security circles on how to make security stronger without disrupting user behavior. It’s a delicate balance – we often say the most secure computer is the one in a locked room not powered up but that would hardly be usable. At Imprivata we have always believed that usability and security don’t need to be mutually exclusive.…
In our last blog posting, we discussed three priorities all organizations should focus on in 2009: security, productivity and manageable IdM projects. Today we're looking more closely at enterprise security.…
Full disclosure: I'm just a medium-sized hospital's IT security guy. I've had Imprivata'sESSO appliance (three of them actually, a pair of HA, and a test box) up and running, happily, for about three years. I was invited by Imprivata and Ping Identity to participate in a panel discussion at the SSO Summit held in Keystone, CO, on July 23-25 (http://www.ssosummit.com/).
Andre Durand (Ping Identity) and friends put on a very nice event. There was a good blend of topics, from SSO-centric details, to Federation issues, and a mixture of interesting case studies to visionary presenters like John Haggard (independent security consultant and long-time IT mentor) and Gunnar Peterson (Arctec Group). The event was solid throughout, but to hear John and Gunnar speak about the important issues of the past and future of SSO and IT/Web security, made the event a powerful experience not to be missed.…
As part of their Signature Learning Series, The American Hospital Association (AHA) recently featured a presentation from Mahaska Health Partnership, “…
We are pleased to recognize our inaugural 2012 Healthcare Innovation Award finalists, including Catholic Health Partners, Johns Hopkins, Memorial Healthcare,…
One of the key takeaways from last week’s AHIMA Conference in Atlanta was the focus on mobility and instant communication in healthcare. CIOs and other IT professionals are thinking deeply about the movement of data, especially protected health information (PHI) and how to provide clinicians with the access to information they need, wherever and whenever they need it, while remaining compliant with security and industry regulations.…
Introducing Electronic Prescribing of Controlled Substances is a great business move for pharmacists - read a pharmacist's arguments for EPCS adoption…
The Best Way to Fend Off Attackers: Think Like a Hacker
David Ting
|
The recent spate of high-profile security breaches across the healthcare industry has revealed a shift in how attackers are accessing and pilfer patient records and other sensitive information. Most healthcare organization leaders I speak with have taken steps to reinforce their perimeter defenses with firewalls, intrusion detection, deep packet inspection, and other strategies.…
Electronic prescribing of controlled substances (EPCS) delivers a number of benefits. However, in order to enable EPCS, healthcare providers must meet DEA requirements that can be disruptive and cumbersome to implement.…
Avoiding common security and compliance workarounds for medical devices
Security concerns continue to grow for healthcare organizations as systems integrate new technologies and as electronic patient health information (PHI) prol…