We saw what happened when William Wallace upgraded to the Right Network, but how about Paul Revere? Equipped with a Cisco Cius tablet and a reliable wireless connection, Paul can quickly communicate the impending British invasion to fellow Patriots. There’s no need for a midnight ride when you’ve got the Right Network.
This is the time of year that some of us bloggers decide to pontificate about the New Year that’s to come and what it will hold. Well more of that from me and my colleagues in a few days time.
Edison - courtesy Library of Congress
With just a few days left in 2011, I see that the incandescent light bulb is on its last legs, according to legislation that passed through Congress in 2007, and is being enacted by the Federal government soon. California has already started it’s ban on the old light bulbs ahead of time – no more three-way light bulbs! What are we going to do now?! Poor Edison – one of his key inventions put out to grass as it were!
There are some things difficult to predict – Samoans will go to sleep tonight on Thursday and tomorrow wake up on Saturday, so that they can be more in line with their trading partners in the west, like Australia. That’s a way of localizing your supply chain. Who would have predicted that?
Manufacturing Gurus at work...
Caffeinated beer is on its way out too. Never tried the stuff myself, but I don’t think it will stop folks drinking energy drinks and vodka cocktails. I remember enjoying a couple of those at the Minus5 bar at CiscoLive 2011 in Vegas this year with some colleagues. It was a way for the sponsor to get us to take notice of what they did and work with them in the networking industry. Funny, but after a couple of those special drinks none of us could remember what on earth it was they were trying to sell us! Note to self: don’t use that method in our marketing campaigns!
So, back to Edison’s predictions. Oh yes, he made some in 1911 and predicted what the world would be like in 2011, so let’s see how well he did 100 years on. I predict that Edison’s predictions will be mostly 50/50 by the year end. Here’s why. He said: Read More »
There are some interesting security developments on the BYOD front that may present serious HIPAA challenges for healthcare delivery organizations. If you’re not following the story I’ll give you the quick summary. Security consultant Trevor Eckhart discovered monitoring software from Carrier IQ on his Android based smart phone. The software which he could not disable was placed there by the cellular carrier in an effort to monitor and enhance the end user experience. His testing reviled that the software was able to log keystrokes, URL’s, GPS location and SMS text messages amongst other items. All of the juicy information that is collected encrypted and uploaded to the carrier or manufacturer for “analysis” – NICE!
The seriousness of the issue sparked a federal probe with Senator Al Franken sending a request to the software vendor, manufacturers and cellular carriers asking for specific details of the monitoring software capabilities and how the information collected is being used. Many of the responses received to date raised many more questions than they answered.
By the time you read this, the holiday season will be behind us. The second longest post-holiday line over the dreaded Toys-R-Us return line is likely to be in front of the IS Support desk come “Monday Morning”. All the Cindy Lou Who’s will be in line asking that their smart device be given access.
It will be interesting to see the statistics, but I suspect that in comparison to previous years, it’s highly likely that many more BYOD smartphones and tablets will enter the healthcare environment. One of the top care about for CIO’s is to provide rapid provisioning within their organization. This is great, but I often wonder if responding to the demand could result in cutting the proverbial corner without knowing it!
Given the need to deploy a wide variety of BYOD devices quickly and securely, the healthcare Chief Security Officer (CSO) certainly has their job cut out for them these days. The shire volume of consumer devices entering the enterprise environment raises some serious questions as to their readiness, especially in regard to security and privacy – add ePHI and the responsibilities of covered entities and you have some significant reason for concern. Perhaps before a healthcare system adopts a BYOD policy, one should consider the ramifications of allowing the wide range of consumer devices (and contracted carriers) to access protected resources. I’d suggest that it’s certainly time to consider the use of an enterprise ready device – one such as the Cisco Cius where you can control key aspects related to maintaining security and enhancing the user experience.
Cisco Cius with AppHQ is an Enterprise Ready Tablet
First, with the monitoring software described, don’t assume that your security policy by itself is sufficient. Remember this software, as with others to likely follow, are key loggers. Such applications by definition capture each and every keystroke and button press regardless of the application or transport/network encryption being used. Many CSO’s may incorrectly conclude data loss is impossible given the use of VPN technology. Likewise some will conclude that their adoption of VDI assures that the data stays local to the healthcare system and not to the device. While partially true, we are effectively talking about keystrokes being logged. Clearly a physician WILL over time enter data that is classified as ePHI – all nicely collected and uploaded unknowingly to a 3rd party. Even SMS text messages sent or received by such a device is within scope!
My advice is to stay abreast of this developing story, and in the meantime, take the time necessary to fully understand the ramifications of allowing various devices (and carriers under contract) to access your protected resources. It’s no longer about robust authentication mechanisms, secure encryption and remote wipes – It’s now much more than that! Also remember that a device that is classified as “safe” today might not be in compliance after an OS upgrade or application install in the future. Taking accountability for the device and the applications being loaded onto it by either the user or carrier is YOUR business. Having a system in place that facilitates YOU being able to control the OS and the applications that are being installed on BYOD devices is a critical objective.
So make sure that the next time you’re planning a BYOD party that you recognize all the guests being invited – otherwise some valuables in the form of ePHI may be slipping out the back door!
“When I first got here, the [intern] orientation was talking about all business stuff…supply chain..and I’m a computer science major, and I was thinking, uh-oh, I’m in the wrong place.” Kelley Duran said as we settled down to talk about her internship here at Cisco. Her classmate Samuel Sandoval had the same reaction: “Honestly, I thought I was in [the] wrong group… since I’m in IT [information technology]”
Internships are a great way for students to make the connection between their studies and the business world. Combining education with practical application through internships means an easier transition into the workforce after college. Even better is when education and personal expertise are both channeled into the right internship.
Samuel Sandoval, Shraddha Chaplot and Kelley Duran spell Cisco in American Sign Language at Cisco Headquarters
Samuel and Kelley interned for 11 weeks in Cisco’s Software Engineering Accessibility team. The Cisco Accessibility team is focused on ensuring Cisco products are accessible and usable by people with disabilities, whether by design or through compatible use with assistive technology.
Samuel worked as a lead developer for real time text chat on the Read More »