Comments
Halamka Knows Perils And Promise Of Healthcare BYOD
Newest First  |  Oldest First  |  Threaded View
jmmyEMR
50%
50%
jmmyEMR,
User Rank: Apprentice
1/8/2013 | 7:47:27 PM
re: Halamka Knows Perils And Promise Of Healthcare BYOD
I totally agreed with the writer. Although, I was tempted to disagreed in a cetain area.
Perimeter E-Security
50%
50%
Perimeter E-Security,
User Rank: Apprentice
12/17/2012 | 6:17:03 PM
re: Halamka Knows Perils And Promise Of Healthcare BYOD
HealthcareGÇÖs poor cybersecurity track record is really troubling. Medical records are master keys into a patientGÇÖs life; they contain all of the critical data that would enable thieves to clear nearly any security hurdle in assuming an identity for monetary gain or to perpetrate medical fraud. Clearly, addressing BYOD is a huge part of the security equation. ItGÇÖs great that BIDMC is giving this issue the attention it deserves. If your organization hasn't created a clear BYOD policy yet, I suggest taking a look at our list of BYOD traps to avoid: http://blog.perimeterusa.com/2...
AustinIT
50%
50%
AustinIT,
User Rank: Apprentice
12/17/2012 | 3:51:53 PM
re: Halamka Knows Perils And Promise Of Healthcare BYOD
I think you and Larry have touched upon my main point. That being, that a company can have a BYOD policy but they had better control it tightly or else they will some day pay a price.

In the end, the only difference between BYOD and company provided devices will be that the end user pays for the device. The company pays for everything else. And, I think that can be a very open ended spigot of ongoing expenses.

I would actually like to see someone do a decent study on what the cost differences are between those two scenarios. It seems to me that a company would be better off providing a choice in phones, tablets, etc. from the popular list and then only allowing those devices. Devices that the company has a hedge on protecting because they are a known quantity.
David Berlind
50%
50%
David Berlind,
User Rank: Apprentice
12/17/2012 | 12:25:25 AM
re: Halamka Knows Perils And Promise Of Healthcare BYOD
I agree (I think). It's not clear to me that BYOD is less secure than corporately issued mobile devices. At the end of the day, both are as secure as the enterprise decides to make them. It doesn't have to be Bring "Any" Device. For example, the majority of Samsung's Smartphones (eg: the S3) have some enterprise security firmware in them called SAFE. According to Samsung, not all EMM solutions (see Larry's reply) are created equal. Some EMM solutions like Mobile Iron, SOTI, Airwatch, SAP Afaria, and Zenprise do a better job of supporting SAFE than others. If an enterprise decides on Mobile Iron for it's EMM standard, then it could look to see what smartphones it ties into better than others and (1) limit the BYOD whitelist to those devices, and (2) require full compliance or the device is denied access. This isn't remarkably different from the way corporately issued devices have worked in the past and some EMM solutions go way beyond what came out of the box from Microsoft and RIM in years gone by. The enterprise just has to stick to its guns.
jaysimmons
50%
50%
jaysimmons,
User Rank: Apprentice
12/15/2012 | 8:13:49 PM
re: Halamka Knows Perils And Promise Of Healthcare BYOD
Even with the precautions taken by encrypting drives and enabling remote wipes, BYOD is still very risky for organizations, mostly because of the variety of applications and OSs that must be supported. A vulnerability in a mobile OS (such as the known vulns for Android and iOS) or client-side application (such as the recent Java update) can give access to patient records w/o the need to steal the device. I feel as if BYOD is just an added risk that isn't necessary, regardless of how much pressure physicians put on management. The bottom line is that healthcare organizations need to do what they can to secure patient data, and any BYOD opens up too many possibilities.

Jay Simmons
Information Week Contributor
AustinIT
50%
50%
AustinIT,
User Rank: Apprentice
12/14/2012 | 8:07:54 PM
re: Halamka Knows Perils And Promise Of Healthcare BYOD
I hate to say it but even though BIMDC has done a lot of work... they will never be secure if they continue to have an open BYOD policy.

Specific devices come and go on a daily basis. And new device types pop up all the time. There is no way for them to absolutely guarantee that all devices connecting to their network are secure.

BYOD may be unstoppable in general, but it can be regulated and controlled to the extent that is required to ensure data security. It just takes will power to say NO to certain devices, software, and - most importantly - employee attitudes about their "right" of use and access.


The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.