computerwoche.de

Archiv

Clinic finds security in wireless management

03.05.2006
"There is no doubt about it," says Rory Retterer, manager of information services at Smith Clinic, a multispecialty physician group practice in Marion, Ohio, "there are plenty of technical people and students in our society who would love to hack into a wireless network just for the 'honorable mention' they get for doing it."

Other multimillion dollar corporations have been hacked into. "But so far our wireless network has not been penetrated, and with Bluesocket's technology, if we do have an attempt, we can identify the MAC address of the AP, which gives us a pretty strong idea of where the hacker is."

Strong access point (AP) security management is one of the main advantages that the clinic has garnered from its Bluesocket installation. Not only does it provide protection and alert network administrators of the location of unauthorized penetration attempts, it also makes security and other management changes much easier. Instead of having to implement changes separately on each AP through the clinic's facilities, it lets network staff make the change once, at the central management point, and propagate the change through the entire network.

And it integrates well with other technologies. Before installing Bluesocket, the clinic already had a number of Cisco APs operating. Bluesocket integrated those into the network, allowing the institution to maintain its existing investment in its wireless edge. Retterer also implemented the latest Cisco perimeter security across the network and Cisco Security Advisor (CSA) on the clinic's desktop and portable computers. "Bluesocket plays nicely with the Cisco security," he says. "We have had virus attacks to our wireless perimeter, but so far no penetrations.

"It also allows us to authenticate users through Microsoft's Active Directory, which allows us to set rules for different classes of users." This is particularly important to meet the regulatory requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which specifies for instance that while clinicians can view the patient's medical record, billing and financial staff may only see parts directly related to billing.

Bluesocket also plays well with another leading-edge wireless technology. Smith Clinic has added MobileAccess technology to the network, which it plans to use to provide microcellular, first responder and medical telemetry wireless networks through its facilities. Retterer says these technologies have integrated flawlessly.