dcsimg

Security Tips to Combat Mobile Device Threats to Health Care

  • Security Tips to Combat Mobile Device Threats to Health Care

    Security Tips to Combat Mobile Device Threats to Health Care-

    Laptops put in "sleep" mode, as opposed to shutting them down completely, can render encryption products ineffective.
    – Winston Krone, managing director, Kivu Consulting

    Health care organizations are now routinely installing full-disk encryption on their employee laptops. However, most of the leading encryption products are configured so that once the password is entered, the laptop is unencrypted (and unprotected) until the laptop is booted down. Simply putting the laptop into "sleep" mode does not cause the encryption protection to kick back in. A laptop that is lost or stolen while in "sleep" mode is therefore completely unprotected. Employees should be clearly advised to completely shut down their laptops before removing them from the workplace (e.g. when taking them home for the evening) and to only use the full shut down function, rather than "sleep" mode, when traveling or leaving their laptop unattended in an unsecure environment. This policy should be strictly enforced and audited.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15

Security Tips to Combat Mobile Device Threats to Health Care

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15
  • Security Tips to Combat Mobile Device Threats to Health Care-6

    Laptops put in "sleep" mode, as opposed to shutting them down completely, can render encryption products ineffective.
    – Winston Krone, managing director, Kivu Consulting

    Health care organizations are now routinely installing full-disk encryption on their employee laptops. However, most of the leading encryption products are configured so that once the password is entered, the laptop is unencrypted (and unprotected) until the laptop is booted down. Simply putting the laptop into "sleep" mode does not cause the encryption protection to kick back in. A laptop that is lost or stolen while in "sleep" mode is therefore completely unprotected. Employees should be clearly advised to completely shut down their laptops before removing them from the workplace (e.g. when taking them home for the evening) and to only use the full shut down function, rather than "sleep" mode, when traveling or leaving their laptop unattended in an unsecure environment. This policy should be strictly enforced and audited.