Cisco Blogs


Cisco Blog > Healthcare

Healthcare BYOD users, beware of the uninvited guest!

There are some interesting security developments on the BYOD front that may present serious HIPAA challenges for healthcare delivery organizations.  If you’re not following the story I’ll give you the quick summary.   Security consultant Trevor Eckhart discovered monitoring software from Carrier IQ on his Android based smart phone.  The software which he could not disable was placed there by the cellular carrier in an effort to monitor and enhance the end user experience.  His testing reviled that the software was able to log keystrokes, URL’s, GPS location and SMS text messages amongst other items.  All of the juicy information that is collected encrypted and uploaded to the carrier or manufacturer for “analysis” – NICE!

 The seriousness of the issue sparked a federal probe with Senator Al Franken sending a request to the software vendor, manufacturers and cellular carriers asking for specific details of the monitoring software capabilities and how the information collected is being used.   Many of the responses received to date raised many more questions than they answered. 

By the time you read this, the holiday season will be behind us.   The second longest post-holiday line over the dreaded Toys-R-Us return line is likely to be in front of the IS Support desk come “Monday Morning”.  All the Cindy Lou Who’s will be in line asking that their smart device be given access.      

It will be interesting to see the statistics, but I suspect that in comparison to previous years, it’s highly likely that many more BYOD smartphones and tablets will enter the healthcare environment.  One of the top care about for CIO’s is to provide rapid provisioning within their organization.  This is great, but I often wonder if responding to the demand could result in cutting the proverbial corner without knowing it!

Given the need to deploy a wide variety of BYOD devices quickly and securely, the healthcare Chief Security Officer (CSO) certainly has their job cut out for them these days.  The shire volume of consumer devices entering the enterprise environment raises some serious questions as to their readiness, especially in regard to security and privacy – add ePHI and the responsibilities of covered entities and you have some significant reason for concern.  Perhaps before a healthcare system adopts a BYOD policy, one should consider the ramifications of allowing the wide range of consumer devices (and contracted carriers) to access protected resources.  I’d suggest that it’s certainly time to consider the use of an enterprise ready device – one such as the Cisco Cius where you can control key aspects related to maintaining security and enhancing the user experience.

Cisco Cius with AppHQ is an Enterprise Ready Tablet

First, with the monitoring software described, don’t assume that your security policy by itself is sufficient.  Remember this software, as with others to likely follow, are key loggers.  Such applications by definition capture each and every keystroke and button press regardless of the application or transport/network encryption being used.  Many CSO’s may incorrectly conclude data loss is impossible given the use of VPN technology.   Likewise some will conclude that their adoption of VDI assures that the data stays local to the healthcare system and not to the device.  While partially true, we are effectively talking about keystrokes being logged.  Clearly a physician WILL over time enter data that is classified as ePHI – all nicely collected and uploaded unknowingly to a 3rd party.  Even SMS text messages sent or received by such a device is within scope!

My advice is to stay abreast of this developing story, and in the meantime, take the time necessary to fully understand the ramifications of allowing various devices (and carriers under contract) to access your protected resources.  It’s no longer about robust authentication mechanisms, secure encryption and remote wipes – It’s now much more than that!  Also remember that a device that is classified as “safe” today might not be in compliance after an OS upgrade or application install in the future.  Taking accountability for the device and the applications being loaded onto it by either the user or carrier is YOUR business.  Having a system in place that facilitates YOU being able to control the OS and the applications that are being installed on BYOD devices is a critical objective. 

So make sure that the next time you’re planning a BYOD party that you recognize all the guests being invited – otherwise some valuables in the form of ePHI may be slipping out the back door!

Tags: , , , , , , ,

5 Retail Trends Driving Wi-Fi: Part 2

Earlier this week, we kicked off  special customer guest blog series with Andrew vonNagy, author of the blog Revolution Wi-Fi, and active on Twitter @revolutionwifi. Join us today as Andrew explores the next two major retail trends changing the Wi-Fi industry, and catch up with the first part if you missed it.

Trend 2: Empowering Sales Associates
Given the increasingly connected and smart shopper, consumers now have more product information than in-store sales associates in many cases. Yet sales staff are key to providing a great consumer experience in-store. Retailers need to empower sales associates with the depth of product information that consumers have, and to provide additional tools that facilitate existing and new services offered by the retailer.

Historically, only a fraction of retail sales associates have been provided with mobile devices, and those devices have enabled only a limited set of capabilities such as stocking, inventory management and product availability. One reason for this is the high cost of ruggedized mobile devices for use in retail. A typical high-speed scanner PDA can cost well over $1,200 each. In order to provide every sales associate with more information to help consumers, retailers are adopting lower-cost, feature-rich, smart mobile devices that provide more robust capabilities than specialized scanners. Mobile platforms built by Apple, Android, and third-party manufacturers are enabling this shift, along with a retail IT focus on enabling business processes in a more flexible, consistent, and re-usable fashion.

Read More »

Tags: , , , , , , , , , , , , ,

Customer Perspective: 5 Retail Trends Driving Wi-Fi

This is the type of post that gets me excited. Today, I’m happy to feature a special customer guest author: Andrew vonNagy, CCIE #28298 (Wireless), and currently Technical Architect for a Fortune 50 retail company. Many of you may know Andrew from his active blog, Revolution Wi-Fi,  or his Twitter feed: @revolutionwifi. Stay with us over the next two weeks as Andrew offers his take on the intersection of Retail and the Wireless LAN industry.

Retail Wi-Fi networks have long been dominated by inventory management applications and services that enabled a more productive workforce and leaner operations. However, brick-and-mortar retail is being disrupted due to the explosive growth from pure e-commerce competitors offering [often] lower prices and a more personalized shopping experience. In addition, the e-commerce sales channel offers deeper product information, community reviews, and greater levels of localization and customization that resonate with consumers.

Brick and mortar retail must adapt to compete in this new environment. A key component of this adaptation is delivering new IT solutions while leveraging the physical assets of the storefront, mixing the benefits of in-store product “touch-and-feel” with the personalization of e-commerce shopping. Merging these two worlds together will create an enhanced shopping experience through the use of mobile Internet devices, often connected through Wi-Fi networks.

This week, we will cover the first of 5 trends driving Wi-Fi growth and new capabilities in retail organizations:

Trend 1: Consumer Interaction and Business Analytics

Physical retailers have the most influence over consumer purchase decisions in the store, when they are standing in front of the product they are weighing whether or not to buy. Historically, this has been through in-aisle marketing and signage. However, customers are increasingly equipped with mobile Internet access and turning to external sources of information in real-time while within a retail store. This has been coined the emergence of the “smart shopper”. These external sources of information are much more comprehensive than what the retailer can provide through traditional in-aisle marketing and signage, and this leaves the physical retailer at a big disadvantage.

Read More »

Tags: , , , , , , , , , , ,

What is WebEx? A Cool Way to Have an Online Meeting

November 15, 2011 at 11:34 am PST

So you’ve heard the term WebEx but you have no idea what a WebEx is? You’ve come to the right place.

WebEx lets you have online meetings with anyone who has an Internet connection -- including mobile users. You will be connected via audio and you can share content from your computer which lets you see the same things at the same time -- like PowerPoint files, Word documents or even browse the web together. Within the meeting, you can “Pass the Ball” so any attendee can control the meeting and share.

WebEx can help any small business, teleworker or home user conduct their business meetings more professionally and efficiently.

Here are more details about the features you get with WebEx: Read More »

Tags: , , , , , , , , , , , , ,

New Mobile Apps Monitor UCS, Reboot Servers from 30,000 Feet

UCSand app screenshotMobile devices have changed the way we manage our lives—in fact, just the other day I used apps on my smartphone to pull up recipes and locate a nearby grocery store. (Now only if there were an app that could enable a smartphone to cook dinner.)

Did you know that there’s an app that can help you manage your Unified Computing System (UCS), too? UCSand, which is available for Android phones and can be found in the Android Market, enables you to monitor and control your UCS. Sounds pretty cool, don’t you think?

It definitely can be a useful tool, according to Colby Cousens, Systems Administrator for the City of Melrose, Massachusetts.

The city has a secure, multi-tenant FlexPod architecture in their data center. This solution provides the City of Melrose with the ability to offer secure network, storage, and compute resources to their partner communities.

“One of my own shortcomings regarding UCS is that I don’t get into the manager as often as I should to check events and warnings on the system,” Colby said. “The UCSand app highlights the value of Cisco’s XML-API in allowing a program to pull targeted data out of the UCS Manager without requiring an individual to navigate through extra configurations or information at the time.”

Read More »

Tags: , , , , , , , , , , , ,