Balancing Usability and Security for Medical Devices
|
|
- Christal Robinson
- 8 years ago
- Views:
Transcription
1 Balancing Usability and Security for Medical Devices Ken Hoyme Adven&um Labs Robert North, LLC March 17, /17/ Adven8um Labs and 1
2 Early device connec8vity was simple Human Centered Strategies Use Risk Concerns: Response 8me Alarm management Security Concerns: None In- hospital monitoring of bedside and later ambulatory pa8ents Improved awareness/response from central monitoring sta8ons Dedicated communica8ons between devices and sta8ons Separate from other hospital networks 3/17/ Adven8um Labs and Human Centered Strategies 2
3 Device connec8vity for EHR Integra8on Human Centered Strategies Use Risk Concerns: Manual entry errors Pa8ent ID errors Data overload Security Concerns: Confiden8ality Data integrity Network availability Device infec8on Hospital Network Automa8c updates into pa8ent record More accurate, 8mely informa8on Networked connec8on between devices and EMR May be shared on hospital network 3/17/ Adven8um Labs and Human Centered Strategies 3
4 Pan- enterprise Connec8vity B2B health data connec8ons to external sites Pa8ent portals, HIEs Connec8ons to outpa8ent clinics and home monitoring Mobile pa8ent devices, BYOD in- hospital Use Risk Concerns: Data islands Inconsistency Urgent condi8ons missed Configura8on by non- experts Security Concerns: Privacy Data integrity Access control Availability Vulnerability management Pa8ent safety 3/17/ Adven8um Labs and 4
5 Known Medical Device Security Vulnerabili8es Implantable/wearable devices Security researchers have demonstrated that some manufacturers have not secured the links that permit programming Field- updateable devices Researchers have demonstrated many use a single administrator password to update so\ware Devices built on common OS s Known vulnerabili8es to malware wri^en for the basic OS Networked medical devices Many demonstrated suscep8bili8es for standard network a^acks 3/17/ Adven8um Labs and 5
6 Collec8ve Response GAO report issued August 2012 Recommended FDA increase pre- and post- market scru8ny of device cybersecurity FDA dra\ guidance issued June 2013 Directs manufacturers to balance security and usability But also offers a list of security considera8ons that could nega8vely impact clinical workflow Several guidance/standards efforts underway E.g. AAMI Device Security Working Group 3/17/ Adven8um Labs and 6
7 Medical Device Access Points Physical user interface Direct user access Network connec8on Wired/wireless Remote access, remote control, configura8on Peripheral connec8ons USB, RFID, Bluetooth Posi8ve Pa8ent ID, char8ng, ambulatory link Maintenance access (may use one of the above) So\ware updates, device diagnos8cs 3/17/ Adven8um Labs and 7
8 Device Security Scope Maintain the privacy of pa8ent informa8on ID, measurements, treatments, etc. Confiden8ality Prevent unauthorized modifica8ons to pa8ent ID, measurements, sekngs and the device s so\ware Ensure that the func8onality of the device is available when needed Integrity Availability 3/17/ Adven8um Labs and 8
9 Exis8ng Security/Usability Research Authen8ca8on Secure Computer Maintenance Passwords Challenge Ques8ons Web Browsers Public Key Cryptography An8- phishing Social Networks Mobile Devices Anonymizers 3/17/2014 Not focused on medical devices in a clinical se1ng Symposium On Usable Privacy and Security 2014 Adven8um Labs and 9
10 Medical Devices are not standard IT systems 3/17/ Adven8um Labs and 10
11 Safety/Risk/Benefit Medical devices are approved because they have a demonstrated clinical benefit and use safety Prescribed for pa8ents with indicated needs Interference, loss or delay of that benefit can result in pa8ent harm Security vulnerabili8es or their mi8ga8ons can lead to interference, loss or delay if poorly addressed 3/17/ Adven8um Labs and 11
12 Workflow Management Acute care sekngs place high mul8- tasking requirements on the staff Security controls can lead to classic workflow issues including Loss of situa8on awareness Knowing workflow is blocked Confusion about what is going on Device configura8on interac8ons with security controls can also nega8vely impact workflow This can impact safety of any of the pa8ents being treated by that staff member 3/17/ Adven8um Labs and 12
13 Emergency response During medical emergencies, medical device therapies can interact with emergency response Infusion pumps, ven8lators, defibrillators Introduc8on of security controls can interfere with emergency response Design challenge create controls that secure the device in non- emergency situa8ons without interfering during emergencies 3/17/ Adven8um Labs and 13
14 Devices Cross Trust Zones The same device could be used in many different medical contexts Surgery Cri8cal Care ER/ICU Standard floor Outpa8ent Home Should the same security controls be applied in all situa8ons? 3/17/2014 Ambulatory 2014 Adven8um Labs and 14
15 Research Ques8ons 3/17/ Adven8um Labs and 15
16 Usable authen8ca8on Classic IT authen8ca8on is User ID/Password Likely used to access the EMR What medical device interac8ons should have user authen8ca8on requirements? Configuring diagnosis/therapy sekngs? In the pa8ent room versus remotely? Machine- to- machine authen8ca8on op8ons Authen8ca8on over peripheral interfaces What about so\ware updates to the device? Impact on workflow Pa8ent checks, device changes, device maintenance 3/17/ Adven8um Labs and 16
17 Authen8ca8on discussion Infusion pump Drug Library Electronic Medical Record Pa8ent ID Ini8al configura8on of device to a pa8ent? Nurse inputs to front panel? When, where, how? Drug Library updates? M2M cer8ficate EMR access? Pa8ent ID link? Pump network configura8on? Pump firmware changes? 3/17/2014 Overall impact on workflow for nursing and IT staff 2014 Adven8um Labs and 17
18 Trust- zone aware device management Spectrum Surgery/ICU Physical security exists Pa8ent associated with fixed loca8on Clinical staff physically present making rapid decisions Higher pa8ent risk IT/Clinical Engineering 8ghtly controls configura8ons Home healthcare May be no physical security Pa8ent moves about an interacts with other people Clinical staff remotely located making decisions across groups of pa8ents May have no trained IT staff suppor8ng configura8ons How should a device be designed to be used in different trust zones? Limit func8onality? Adapt security controls? Can a device automa8cally configure itself? What use errors occur if a device is misconfigured for the trust- zone it is opera8ng in? 3/17/ Adven8um Labs and 18
19 Low- impact non- repudia8on methods Privacy laws create the need for holders of pa8ent data to verify who accessed that data Example logging access via an EMR For legal, liability and best clinical care prac8ces, this requirement may be extended Who changed a device sekng, provided therapy, acknowledged an alarm What is the best means to provide such informa8on at the point of care? Balancing workflow impact, use errors, strength of electronic assurance of iden8ty and device cost 3/17/ Adven8um Labs and 19
Poten&al Impact of FDA Regula&on of EMRs. October 27, 2010
Poten&al Impact of FDA Regula&on of EMRs October 27, 2010 Agenda The case for regula&ng Impact on manufacturers Impact on providers Recommenda&ons and best prac&ces 2 A Medical Device Is an instrument,
More informationKaseya Fundamentals Workshop DAY THREE. Developed by Kaseya University. Powered by IT Scholars
Kaseya Fundamentals Workshop DAY THREE Developed by Kaseya University Powered by IT Scholars Kaseya Version 6.5 Last updated March, 2014 Day Two Overview Day Two Lab Review Patch Management Configura;on
More informationInterna'onal Standards Ac'vi'es on Cloud Security EVA KUIPER, CISA CISSP EVA.KUIPER@HP.COM HP ENTERPRISE SECURITY SERVICES
Interna'onal Standards Ac'vi'es on Cloud Security EVA KUIPER, CISA CISSP EVA.KUIPER@HP.COM HP ENTERPRISE SECURITY SERVICES Agenda Importance of Common Cloud Standards Outline current work undertaken Define
More informationDisrup've Innova'ons Track
Disrup've Innova'ons Track Product Disrup-ons: Medical Device Cybersecurity Presenter: Adam Brand, Associate Director, Pro-vi- V. 1.1 FACULTY DISCLOSURE The faculty reported the following financial relationships
More informationUpdate on the Cloud Demonstration Project
Update on the Cloud Demonstration Project Khalil Yazdi and Steven Wallace Spring Member Meeting April 19, 2011 Project Par4cipants BACKGROUND Eleven Universi1es: Caltech, Carnegie Mellon, George Mason,
More informationIT Change Management Process Training
IT Change Management Process Training Before you begin: This course was prepared for all IT professionals with the goal of promo9ng awareness of the process. Those taking this course will have varied knowledge
More informationVoIP Security How to prevent eavesdropping on VoIP conversa8ons. Dmitry Dessiatnikov
VoIP Security How to prevent eavesdropping on VoIP conversa8ons Dmitry Dessiatnikov DISCLAIMER All informa8on in this presenta8on is provided for informa8on purposes only and in no event shall Security
More informationUpdate on the Cloud Demonstration Project
Update on the Cloud Demonstration Project Steven Wallace Joint Techs Summer 2011 13- July- 2011 Project Par4cipants BACKGROUND Twelve Universi,es: Caltech, Carnegie Mellon,Cornell George Mason, Indiana
More informationFTC Data Security Standard
FTC Data Security Standard The FTC takes the posi6on (Being tested now in li6ga6on) that Sec6on 5 of the FTC Act requires Reasonable Security under the circumstances: that companies have reasonable controls
More informationMobile Applica,on and BYOD (Bring Your Own Device) Security Implica,ons to Your Business. Dmitry Dessiatnikov
Mobile Applica,on and BYOD (Bring Your Own Device) Security Implica,ons to Your Business Dmitry Dessiatnikov DISCLAIMER All informa,on in this presenta,on is provided for informa,on purposes only and in
More informationPhone Systems Buyer s Guide
Phone Systems Buyer s Guide Contents How Cri(cal is Communica(on to Your Business? 3 Fundamental Issues 4 Phone Systems Basic Features 6 Features for Users with Advanced Needs 10 Key Ques(ons for All Buyers
More informationPES Has The Sustainable Solu2on For Chronic Care Management
PES Has The Sustainable Solu2on For Chronic Care Management Empowering pa2ents to lead the management of their chronic diseases through a proven and effec2ve model of collabora2on with clinicians and caregivers.
More informationOverview of SOTI. www.so%.net
Overview of SOTI www.so%.net World s Most Trusted MDM Vendor 12,000+ customers, millions of devices managed worldwide Since 1995, SOTI Inc. has been developing industry - leading technology that solves
More informationPrivileged Administra0on Best Prac0ces :: September 1, 2015
Privileged Administra0on Best Prac0ces :: September 1, 2015 Discussion Contents Privileged Access and Administra1on Best Prac1ces 1) Overview of Capabili0es Defini0on of Need 2) Preparing your PxM Program
More informationNETWORK DEVICE SECURITY AUDITING
E-SPIN PROFESSIONAL BOOK VULNERABILITY MANAGEMENT NETWORK DEVICE SECURITY AUDITING ALL THE PRACTICAL KNOW HOW AND HOW TO RELATED TO THE SUBJECT MATTERS. NETWORK DEVICE SECURITY, CONFIGURATION AUDITING,
More informationCompu4ng Privacy Requirements
Security Requirements Security in Compu4ng, Chapters 1 & 10. 1 Topics What are the key requirements to implement a secure system? Privacy Anonymity Authen4ca4on & Authorisa4on Integrity Audit 2 Privacy
More informationNIST Email Security Improvements. William C. Barker and Scott Rose October 22, 2015 M3AAWG 35 th General Meeting
NIST Email Security Improvements William C. Barker and Scott Rose October 22, 2015 M3AAWG 35 th General Meeting Presenters Scott Rose Computer Scientist, NIST ITL William (Curt) Barker Guest Researcher,
More informationEvolution of Cyber Security in Healthcare
Evolution of Cyber Security in Healthcare Spencer L SooHoo, PhD Director, Scientific Computing & Chief Security Officer Enterprise Information Services Healthcare and Security How we got here Healthcare
More informationBadUSB On accessories that turn evil
BadUSB On accessories that turn evil Karsten Nohl Sascha Krißler Jakob Lell SRLabs Template v12 Demo 1 USB s&ck takes over Windows machine 2 Agenda
More informationSo#ware- based CyberSecurity. Michael Butler Gennaro Parlato Electronic and So.ware Systems (ESS)
So#ware- based CyberSecurity Michael Butler Gennaro Parlato Electronic and So.ware Systems (ESS) Security is mul;- faceted Confiden;ality Authen;ca;on Authorisa;on / Access Control Trust / Reputa;on Anonymity
More informationSecurity testing the Internet-of-things
Security testing the Internet-of-things Lindholmen Software Development Day 2014-10-16 Emilie Lundin Barse Informa(on Security Consultant, Combitech emilie.barse@combitech.se Contents State of security
More informationCSER & emerge Consor.a EHR Working Group Collabora.on on Display and Storage of Gene.c Informa.on in Electronic Health Records
electronic Medical Records and Genomics CSER & emerge Consor.a EHR Working Group Collabora.on on Display and Storage of Gene.c Informa.on in Electronic Health Records Brian Shirts, MD, PhD University of
More informationMain Research Gaps in Cyber Security
Comprehensive Approach to cyber roadmap coordina5on and development Main Research Gaps in Cyber Security María Pilar Torres Bruna everis Aerospace and Defence Index CAMINO WP2: Iden8fica8on and Analysis
More informationData Privacy and Data Security in Telemedicine Applica5ons. Patrick Harpes www.monitor it.lu
Data Privacy and Data Security in Telemedicine Applica5ons Patrick Harpes www.monitor it.lu Agenda Right to privacy Data/Informa@on security Data security measures Risks using telemedicine Composi@on of
More informationHadoop- Based Data Explora1on for the Healthcare Safety- Net Technical & Sociocultural Challenges to Big Data Usability
Hadoop- Based Data Explora1on for the Healthcare Safety- Net Technical & Sociocultural Challenges to Big Data Usability David Hartzband, D.Sc. Research Affiliate, SSRC, MIT & Director, Technology Research
More informationDisaster Recovery Planning and Implementa6on. Chris Russel Director, IT Infrastructure and ISO Compu6ng and Network Services York University
Disaster Recovery Planning and Implementa6on Chris Russel Director, IT Infrastructure and ISO Compu6ng and Network Services York University Agenda Background for York s I.T. Disaster Recovery Planning
More informationHIPAA Compliance and Electronic Protected Health Informa6on: Ignorance is not bliss!
Maxxum, Inc. HIPAA Compliance and Electronic Protected Health Informa6on: Ignorance is not bliss! Medical Device ephi Risk Iden6fica6on and Mi6ga6on Webinar Overview Relevance why this topic? Risk a perspective
More informationOnline Enrollment Op>ons - Sales Training. 2011. Benefi+ocus.com, Inc. All rights reserved. Confiden>al and Proprietary 1
Online Enrollment Op>ons - Sales Training 2011. Benefi+ocus.com, Inc. All rights reserved. Confiden>al and Proprietary 1 Agenda Understand Why This is Important Enrollment Op>ons Available EDI Blues Enroll
More informationAn Introduc+on to CloudPrime
TM An Introduc+on to CloudPrime Secure messaging pla/orm to protect pa2ent privacy and uphold HIPAA/HITECH regula2on Mari Tangredi, CloudPrime 1 CloudPrime Company Overview! Headquartered in San Francisco,
More informationCapabili'es for Strengthening Cybersecurity Resilience
Capabili'es for Strengthening Cybersecurity Resilience In the Homeland Security Enterprise September 2012 DHS Cybersecurity Strategy A cyberspace that: Is Secure and Resilient Enables Innova=on Protects
More informationIntroduc;ons (and disclaimers)
Got Smart Data? Trailblazing the Path from Insights to Ac;ons in Radiology RSNA 2015 Refresher Course, MSAS22, Room S105AB Monday, 11/30/15 10:30 AM - 12:00 PM (Sponsored by the Associated Sciences Consor;um)
More informationNetwork Performance Tools
Network Performance Tools Jeff Boote Internet2/R&D June 1, 2008 NANOG 43/ Brooklyn, NY Overview BWCTL OWAMP NDT/NPAD BWCTL: What is it? A resource alloca=on and scheduling daemon for arbitra=on of iperf
More informationPu?ng B2B Research to the Legal Test
With the global leader in sampling and data services Pu?ng B2B Research to the Legal Test Ashlin Quirk, SSI General Counsel 2014 Survey Sampling Interna6onal 1 2014 Survey Sampling Interna6onal Se?ng the
More information2015-16 ITS Strategic Plan Enabling an Unbounded University
2015-16 ITS Strategic Plan Enabling an Unbounded University Update: July 31, 2015 IniAaAve: Agility Through Technology Vision Mission Enable Unbounded Learning Support student success through the innovaave
More informationHIPAA Privacy Policy (Revised Feb. 4, 2015)
Valley Bone & Joint Clinic HIPAA Privacy Policy (Revised Feb. 4, 2015) 1. PURPOSE Valley Bone & Joint Clinic is commi2ed to protec6ng the rights of our pa6ents. In compliance with the Health Insurance
More informationB2B Offerings. Helping businesses op2mize. Infolob s amazing b2b offerings helps your company achieve maximum produc2vity
B2B Offerings Helping businesses op2mize Infolob s amazing b2b offerings helps your company achieve maximum produc2vity What is B2B? B2B is shorthand for the sales prac4ce called business- to- business
More informationInternet of Things (IoT) CSE237A Introduc1on to Embedded Compu1ng
Internet of Things (IoT) CSE237A Introduc1on to Embedded Compu1ng Outline Introduc1on to IoT Enabling technologies Open problems and future challenges Applica1ons 2 What is IoT? A phenomenon which connects
More informationEmerging Issues in Healthcare Robo5cs and Ar5ficial Intelligence. Kathryn R. Coburn Cooke Kobrick & Wu LLP Santa Monica, CA 90404
Emerging Issues in Healthcare Robo5cs and Ar5ficial Intelligence Kathryn R. Coburn Cooke Kobrick & Wu LLP Santa Monica, CA 90404 Agenda Silvestrini v. Intui5ve Surgical, Inc. No. 11-270 (E.D. La.) Taylor
More informationHIPAA Basics. Health Insurance Portability and Accountability Act of 1996
HIPAA Basics Health Insurance Portability and Accountability Act of 1996 HIPAA: What Is HIPAA? Protects the privacy of healthcare informa@on for all Americans, including the individuals you support Protects
More informationSIM card exploita9on. The SRLabs Team. SRLabs Template v12
SIM card exploita9on The SRLabs Team SRLabs Template v12 SIM cards are fully programmable computer systems Applica'ons on modern SIM card Smartcard with real- 9me opera9ng system Basic func'ons Iden9fica9on
More informationCybersecurity and Your Computer: What's At Risk and What Can You Do?
Cybersecurity and Your Computer: What's At Risk and What Can You Do? Gary C. Kessler Embry- Riddle Aeronau2cal University March 2013 1 1 Beep Beep 2 Overview What is on your computer? Why does your computer
More informationReali9es of Being PCI Compliant
Reali9es of Being PCI Compliant Miguel (Mike) O. Villegas CISA, CISSP, GSEC, CEH, QSA, PA- QSA, ASV Vice President- K3DES LLC Professional Strategies S23 CRISC CGEIT CISM CISA Abstract PCI DSS compliance
More informationSecurity Awareness. Top Security Issues. Office of Informa(on Technology Informa5on Security Department 2011-2012 BE CYBER SAFE
Security Awareness Office of Informa(on Technology Informa5on Security Department 2011-2012 Top Security Issues BE CYBER SAFE 1 Top Security Items for 2011-2012 Passwords Social Networking Phishing Malware,
More informationMobility in the Modern Factory. Discussion of Mobile Adop7on for the Factories of the Future
Mobility in the Modern Factory Discussion of Mobile Adop7on for the Factories of the Future Talking Points History Lesson The Reasons for Going Mobile Mobile Infrastructure Mobile Device Security BYOD
More informationAlexander Polyakov CTO ERPScan
Invest in security to secure investments ERP Security. Myths, Problems, Solu6ons Alexander Polyakov CTO ERPScan About ERPScan The only 360- degree SAP Security solu8on - ERPScan Security Monitoring Suite
More informationLegacy Archiving How many lights do you leave on? September 14 th, 2015
Legacy Archiving How many lights do you leave on? September 14 th, 2015 1 Introductions Wendy Laposata, Himforma(cs Tom Chase, Cone Health 2 About Cone Health More than 100 loca=ons 6 hospitals, 3 ambulatory
More informationDC Department of Health Care Finance Health Informa4on Exchange
Orion Health DC Department of Health Care Finance Health Informa4on Exchange December 19, 2012 DC Department of Health Care Finance Introduc4ons Introduc=ons Kirk Hendler Federal Government Sales Director
More informationMigrating to Hosted Telephony. Your ultimate guide to migrating from on premise to hosted telephony. www.ucandc.com
Migrating to Hosted Telephony Your ultimate guide to migrating from on premise to hosted telephony Intro What is covered in this guide? A professional and reliable business telephone system is a central
More informationShannon Rykaceski Director of Opera4ons CCFHCC
Shannon Rykaceski Director of Opera4ons CCFHCC PRESENTER BIO Shannon Salicce Rykaceski Director of Opera4ons for the Catholic Chari4es Free Health Care Center (CCFHCC), located in PiCsburgh, PA. Prior
More informationSuppor&ng the Design of Safety Cri&cal Systems Using AADL
Suppor&ng the Design of Safety Cri&cal Systems Using AADL T. Correa, L. B. Becker, J.- M. Farines, J.- P. Bodeveix, M. Filali, F. Vernadat IRIT LAAS UFSC Agenda Introduc&on Proposed Approach Verifica&on
More informationHow To Manage A Mobile Device Management At Harvard
Demys&fying Mobile Device Management Challenges Indir Avdagic Director of Informa.on Security and Risk Management, SEAS Objec&ves Our hope is that this conversa0on will get people thinking about mobile
More informationWhat is a Connected TV. User Experience in Connected TV A usability and eye tracking research 5/3/12
User Experience in Connected TV A usability and eye tracking research Mari- Carmen Marcos. Communica>on Department. Universitat Pompeu Fabra. Verónica Mansilla. Student at Master in Digital Contents Management
More informationCase Studies in Solving Testing Constraints using Service Virtualization
Case Studies in Solving Testing Constraints using Service Virtualization Rix.Groenboom@Parasoft.NL 2/21/14 1 Introduction Paraso& is supplier automated tes1ng solu1ons Since 1984, Los Angeles (US) and
More informationSophos Ltd. All rights reserved.
Sophos Ltd. All rights reserved. 1 Sophos Approach to Unified Security Integrated Security for Be9er Protec;on James Burchell & Greg Iddon, Sales Engineers UK&I, Technology Services What we re going to
More informationMarch 10 th 2011, OSG All Hands Mee6ng, Network Performance Jason Zurawski Internet2 NDT
March 10 th 2011, OSG All Hands Mee6ng, Network Performance Jason Zurawski Internet2 NDT Agenda Tutorial Agenda: Network Performance Primer Why Should We Care? (15 Mins) GeNng the Tools (10 Mins) Use of
More informationHIPAA Breaches, Security Risk Analysis, and Audits
HIPAA Breaches, Security Risk Analysis, and Audits Derrick Hill Senior Health IT Advisor Kentucky REC What cons?tutes PHI? HIPAA provides a list of 18 iden?fiers that cons?tute PHI. Any one of these iden?fiers
More informationCS 5150 So(ware Engineering System Architecture: Introduc<on
Cornell University Compu1ng and Informa1on Science CS 5150 So(ware Engineering System Architecture: Introduc
More informationMobile Weblink Security
Name Maryam Al- Naemi Date 11/01/2013 Subject ITGS higher level Title How safe is the informa@on we store on our smartphones? Area of impact Home & Leisure Social & Ethical Issue Security Ar:cle Smartphone
More informationndna Tim Hughes Avdeling for Medisinsk Gene@kk Oslo Universitets Sykehus (Ullevål)
ndna Utvikling av nasjonal analyse- og lagringspla3orm for DNA sekvensdata i helsevesenet Tim Hughes Avdeling for Medisinsk Gene@kk Oslo Universitets Sykehus (Ullevål) My goal Present the ndna project
More informationAPP-SOLUTELY SECURITY: The State of Mobile Security. CARTES Secure Connexions The Digital Security World MAY 14, 2014
APP-SOLUTELY SECURITY: The State of Mobile Security CARTES Secure Connexions The Digital Security World MAY 14, 2014 APP-SOLUTELY SECURITY: The State of Mobile Security Session Topics Current Sta*s*cs
More informationThis presenta,on covers the essen,al informa,on about IT services and facili,es which all new students will need to get started.
This presenta,on covers the essen,al informa,on about IT services and facili,es which all new students will need to get started. 1 Most of the informa,on is covered in more depth on the Informa,on Services
More informationSecurity Protocols: SSH. Michael E. Locasto University of Calgary
Security Protocols: SSH Michael E. Locasto University of Calgary Agenda Philosophy: data protec?on on the network Discussion of SSH SSH history Authen?ca?on Mechanisms SSH2 design overview / architecture
More informationconfigurability compares with typical SIEM & Log Management systems Able to install collectors on remote sites rather than pull all data
Software Comparison Sheet SIEM & Log OpViewTM from Software leverages a completely new database architecture to deliver the most flexible monitoring system available on the market today. This award-winning
More informationconfigurability compares with typical Asset Monitoring systems Able to install collectors on remote sites rather than pull all data
Software Comparison Sheet OpViewTM from Software leverages a completely new database architecture to deliver the most flexible monitoring system available on the market today. This award-winning solution
More informationORION Retail Systems. Orion Digital Integration Inc. Point of Sale Reinvented for a Mobile World
ORION Retail Systems Orion Digital Integration Inc Point of Sale Reinvented for a Mobile World O Orion Retail Systems ORION Digital Integraon Inc. - Corporate Profile Established in 2003, Orion Digital
More information12-01- 31. Outline. Setting the Stage. Se#ng the stage for precep0ng drug therapy assessment Elements of drug therapy assessment Hierarchy Flow chart
12-01- 31 Preceptor Development: Patient Care Process Drug Therapy Assessment Outline Se#ng the stage for precep0ng drug therapy assessment Elements of drug therapy assessment Hierarchy Flow chart Student
More informationThe Pros and Cons of Organiza2on
Remain Independent or Align? A Guide To Manage Through This Cri2cal Decision Sponsored By: TRG Healthcare October 12, 2010 1 Welcome Remain Independent or Align? A Guide To Manage Through This Cri=cal
More informationProtec'ng Informa'on Assets - Week 8 - Business Continuity and Disaster Recovery Planning. MIS 5206 Protec/ng Informa/on Assets Greg Senko
Protec'ng Informa'on Assets - Week 8 - Business Continuity and Disaster Recovery Planning MIS5206 Week 8 In the News Readings In Class Case Study BCP/DRP Test Taking Tip Quiz In the News Discuss items
More informationConsiderations for using the Web for Medical Device Applications
Considerations for using the Web for Medical Device Applications MEDS, San Diego August 23 rd, 2012 Daniel Sterling, President Who is Sterling? Your Partner in Medical Device Development What we do: o
More informationBuild- It- Yourself: So2ware Oscilloscope and Func:on Generator
Build- It- Yourself: So2ware Oscilloscope and Func:on Generator David Stein (dstein3@gmu.edu; hfp://djstein.com) Adapted from earlier projects by Alireza Akhavian (GMU) and Jan Henrik (hfp://instructables.com)
More informationAn Econocom Group company. Your partner in the transi4on towards Mobile IT
An Econocom Group company Your partner in the transi4on towards Mobile IT A few key figures 40 000 mobile terminals integrated annually 200 M of telecom expenses managed 50 000 mobility support 4ckets
More informationSession 6: Implementation in the context of health systems strengthening (HSS) and universal health coverage (UHC) SAGE 12-14 April 2016
Dr Humphrey Karamagi, Health Systems Advisor and a.i. Head WHO Country Office, Seychelles, WHO/AFRO 1 Session 6: Implementation in the context of health systems strengthening (HSS) and universal health
More informationEngaging and Communica-ng with Pa-ents and Providers. Constituent Experience
Engaging and Communica-ng with Pa-ents and Providers Constituent Experience Welcome Panel Jenny Whitham, Director of Information Technologies, North Dakota Department of Human Services Thangappan Patturajah,
More informationCer$ficates- as- an- Insurance (CaaI): Incen$vizing Accountability in SSL/TLS
Cer$ficates- as- an- Insurance (CaaI): Incen$vizing Accountability in SSL/TLS Stephanos Matsumoto (CMU/ETH Zurich) Raphael M. Reischuk (ETH Zurich) Workshop on the Security of Emerging Network Technologies
More informationBest Prac*ces for Deploying Oracle So6ware on Virtual Compute Appliance
Best Prac*ces for Deploying Oracle So6ware on Virtual Compute Appliance CON7484 Jeff Savit Senior Technical Product Manager Oracle VM Product Management October 1, 2014 Safe Harbor Statement The following
More informationNetwork Security. Computer Security & Forensics. Security in Compu5ng, Chapter 7. l Network Defences. l Firewalls. l Demilitarised Zones
Network Security Security in Compu5ng, Chapter 7 Topics l Network AAacks l Reconnaissance l AAacks l Spoofing l Web Site Vulnerabili5es l Denial of Service l Network Defences l Firewalls l Demilitarised
More informationAssessing BYOD with the Smarthpone Pentest Framework. Georgia Weidman
Assessing BYOD with the Smarthpone Pentest Framework Georgia Weidman BYOD Is Not New Contractor Laptop Rogue Access Point Gaming Console Tradi>onal Vulnerability Scanning The iphone in Ques>on Is
More informationDNS Traffic Monitoring. Dave Piscitello VP Security and ICT Coordina;on, ICANN
DNS Traffic Monitoring Dave Piscitello VP Security and ICT Coordina;on, ICANN Domain Names ICANN coordinates the administra2on of global iden2fier systems Domain names provide user friendly identification
More informationUAB Cyber Security Ini1a1ve
UAB Cyber Security Ini1a1ve Purpose of the Cyber Security Ini1a1ve? To provide a secure Compu1ng Environment Individual Mechanisms Single Source for Inventory and Asset Management Current Repor1ng Environment
More informationEffec%ve AX 2012 Upgrade Project Planning and Microso< Sure Step. Arbela Technologies
Effec%ve AX 2012 Upgrade Project Planning and Microso< Sure Step Arbela Technologies Why Upgrade? What to do? How to do it? Tools and templates Agenda Sure Step 2012 Ax2012 Upgrade specific steps Checklist
More informationHelp Framework. Ticket Management Ticket Resolu/on Communica/ons. Ticket Assignment Follow up Customer - communica/on System updates Delay management
Help for JD Edwards Our Help Framework Ticket qualifica/on Ticket crea/on Ticket Rou/ng Closures L1 issues Resolu/on KG SOPs Co- ordinate Ticket Assignment Follow up Customer - communica/on System updates
More informationECIA RiSE Initiative. Risk Assessment Database
ECIA RiSE Initiative Risk Assessment Database Contents Background Planning Outcome Process (Training Slides) System in prac:ce Background BB audit & inspec:on process established differing approaches to
More informationApache web server: ConceI avanza0 (Lezione 2, Parte I) Emiliano Casalicchio (C) emiliano.casalicchio@uniroma1.it
Corso di Proge+azione di Re0 e Sistemi Informa0ci Apache web server: ConceI avanza0 (Lezione 2, Parte I) Emiliano Casalicchio emiliano.casalicchio@uniroma1.it Agenda ConceI e pra0ca sul Virtual hos0ng
More informationPreventing Cyber Security Attacks Against the Water Industry
Preventing Cyber Security Attacks Against the Water Industry Presented by Michael Karl October 2012 Acknowledgements Infracri5cal SCADA Security Newsgroup CH2M HILL, Automa5on Cyber- Security Prac5ce Team
More informationHow To Protect Virtualized Data From Security Threats
S24 Virtualiza.on Security from the Auditor Perspec.ve Rob Clyde, CEO, Adap.ve Compu.ng; former CTO, Symantec David Lu, Senior Product Manager, Trend Micro Hemma Prafullchandra, CTO/SVP Products, HyTrust
More informationMission. To provide higher technological educa5on with quality, preparing. competent professionals, with sound founda5ons in science, technology
Mission To provide higher technological educa5on with quality, preparing competent professionals, with sound founda5ons in science, technology and innova5on, commi
More informationMeasuring Pa,ent- Centred Care Integra,on of PROMs/PREMs into EHRs
Measuring Pa,ent- Centred Care Integra,on of PROMs/PREMs into EHRs Nov 27-28, 2014 Francis Lau PhD, FCAHS University of Victoria 1 Outline Current EHR Landscape Integra,ng PROMs/PREMs into EHR Implementa,on
More informationCompTIA A+ Partner Update October 21, 2015
CompTIA A+ Partner Update October 21, 2015 Agenda Cer;fica;on Update Industry & Job Role Changes Cer;fica;on Changes Posi;oning & Compe;;ve Comparisons Key Dates Marke;ng and Promo;ons 2 WHY CHANGE IT
More informationProtec'ng Communica'on Networks, Devices, and their Users: Technology and Psychology
Protec'ng Communica'on Networks, Devices, and their Users: Technology and Psychology Alexey Kirichenko, F- Secure Corpora7on ICT SHOK, Future Internet program 30.5.2012 Outline 1. Security WP (WP6) overview
More informationRetail Pharmacy Clinical Services: Influence of ACOs & Healthcare Financing Models
Retail Pharmacy Clinical Services: Influence of ACOs & Healthcare Financing Models Tim Kosty, R.Ph., MBA President Pharmacy Healthcare Solu
More informationPrac%cal Informa%cs Course 2009 Intersystem Communica%on and Computer Interfaces. Jeffrey Fine MD Magee Womens Hospital of UPMC
Prac%cal Informa%cs Course 2009 Intersystem Communica%on and Computer Interfaces Jeffrey Fine MD Magee Womens Hospital of UPMC Objec%ves Present a high level overview of what interfaces are and what they
More informationAgenda. What Data Science Can Learn from Training in Biomedical Informa8cs: The OHSU Experience
What Data Science Can Learn from Training in Biomedical Informa8cs: The OHSU Experience William Hersh, MD, FACP, FACMI Professor and Chair Department of Medical Informa8cs & Clinical Epidemiology Oregon
More informationMEDICAL DEVICE Cybersecurity.
MEDICAL DEVICE Cybersecurity. 2 MEDICAL DEVICE CYBERSECURITY Introduction Wireless technology and the software in medical devices have greatly increased healthcare providers abilities to efficiently and
More informationApp Development: An NHS Guide for Developing Mobile Healthcare Applications
NHS Innovations South East App Development: An NHS Guide for Developing Mobile Healthcare Applications May 2014 Developed with funding from the Intellectual Property Office Fast Forward 2013 Competition.
More informationHow To Perform a SaaS Applica7on Inventory in. 5Simple Steps. A Guide for Informa7on Security Professionals. Share this ebook
How To Perform a SaaS Applica7on Inventory in 5Simple Steps A Guide for Informa7on Security Professionals WHY SHOULD I READ THIS? This book will help you, the person in the organiza=on who cares deeply
More informationMobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to Health Information Risks vary based on the mobile device and its use. Some risks include:
More informationTrus%ng your Cloud Provider s System
Trus%ng your Cloud Provider s System Retaining Control over Private Virtual Machines Hosted by a Cloud Provider Using Mandatory Access Control, Trusted Boot and A>esta?on Vorarlberg University of Applied
More informationMobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to to Health Mobile Information Devices: Risks to Health Information Risks vary based on the
More informationWhite Paper. Star2Star Blended Architecture What Makes it Different? What Makes it Better? OVERVIEW
STAR2STAR COMMUNICATIONS WHITE PAPER SERIES White Paper OVERVIEW In this paper, we discuss: What s wrong with the existing telephone network? Three ways to switch to VoIP What s Different about Star2Star?
More information