Well said!

Dennis Burgess, MCP, CCNA, A+, N+, Mikrotik Certified
[EMAIL PROTECTED]
www.2kwireless.com
 
2K Wireless provides high-speed internet access, along with network
consulting for WISPs, and business's with a focus on TCP/IP networking,
security, and Mikrotik routers.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Marlon K. Schafer (509) 982-2181
Sent: Monday, November 27, 2006 4:25 PM
To: WISPA General List
Subject: Re: [WISPA] Wireless Security biting you in the ass?

Officially, hippa compliance is a CLIENT issue.  As long as the data is 
properly encrypted there's no need for the transport to be.

Some will argue this (mainly the telco but sometimes the customer).  It's 
still a fact.

Questions to ask them.
What do the Doctors use for connectivity to their handheld devices?  Right, 
wireless.
What is the encryption mechanism on a t-1 or dsl link?  Right, none.
What is the security on the cable network?  Right, none.
Does the facility have a wireless network?  Care to have me break into it 
for you?  (I'm told that WPA has now been cracked too.)

We went around in circles with a local Sheriff's office on this issue.  In 
the end it was decided that the only real way to be hippa compliant was to 
encrypt the data AT THE PC level.  ANYTHING done after that point was all 
but useless.  They confirmed this with the DOJ.  All that's needed is data 
security, not transport security.  If transport security is what's wanted 
then EVERY vlan switch, router etc. in the loop is a possible security hole.

This risk runs end to end, regardless of the transport medium.

Good luck.
Marlon
(509) 982-2181                                   Equipment sales
(408) 907-6910 (Vonage)                    Consulting services
42846865 (icq)                                    And I run my own wisp!
64.146.146.12 (net meeting)
www.odessaoffice.com/wireless
www.odessaoffice.com/marlon/cam



----- Original Message ----- 
From: "John Scrivner" <[EMAIL PROTECTED]>
To: <wireless@wispa.org>
Sent: Monday, November 27, 2006 2:16 PM
Subject: [WISPA] Wireless Security biting you in the ass?


> Wireless broadband security issues have now officially led to my business 
> being put into a bad light due to perceived lack of security. I am a 
> member of a regional broadband planning group that is working with health 
> care and other industry sectors to help deliver broadband options to all 
> areas that need it. Rural Health centers and hospitals are all over the 
> region and most need access to broadband which is highly secure. I need to

> know what others have done to bring HIPAA compliance assurance to network 
> administrators and hospital personnel so that your solutions are chosen 
> and used for health care connectivity. Currently my services are not being

> considered do to the perception of a lack of HIPAA security compliance. I 
> need to get on top of this right now and welcome your thoughts and ideas. 
> I would prefer to hear from those of you who have some actual knowledge of

> delivering HIPAA compliant connections or those who provide equipment 
> which has been documented to meet HIPAA compliance.
> Thank you,
> John Scrivner
>
> -- 
> WISPA Wireless List: wireless@wispa.org
>
> Subscribe/Unsubscribe:
> http://lists.wispa.org/mailman/listinfo/wireless
>
> Archives: http://lists.wispa.org/pipermail/wireless/ 

-- 
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/



-- 
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/

Reply via email to