John,

Do you have a listing of HIPPA security needs?  


One thing you can do is provide a secure tunnel, IPSEC is best, or a
security on top of security approach.  This tunnel will run from your
customer equipment, his hospital, etc, to your boarder router etc that is
connected via fiber or land line.  At that point it is as secure as you can
get it.  

So, if you use WEP, Ya security sux, but then put IPSEC inside that WEP
packet, now you are talking.  T1s can be tapped, seen it done.  So with the
WEP and IPSEC you are always talking secure.  Add on top of that, the
application, and whatever it uses for security, HTTPS, etc.

It's a custom solution to a simple problem.  The only thing now that they
could complain about is what about someone sitting in the parking lot
listening to packets sent and received.  Can they do that with a T1 etc,
well, ya you can TAP a T1, usually done on the switch side of things?  All
you can do then is maybe offer a dedicated backhaul to them, with a
proportery protocol, something like Nstream would work, so now you have
Nstream, running WEP encrypted packets that has IPSEC packets inside that.
If the break it, they should get the data for the work they had to do.   Or
put up something like a optical service if you are close!  That would
eliminate that.  

Another question I would have to ask is, how secure is cable or DSL?  Figure
this, DSL lets every customer off of their DSLAM to coomuncate  to each
other, so does cable.  If someone had the right cable modem and off the same
segment, sure, they can capture every package that is going across the cable
line!

Thoughts.

Dennis Burgess, MCP, CCNA, A+, N+, Mikrotik Certified
[EMAIL PROTECTED]
www.2kwireless.com
 
2K Wireless provides high-speed internet access, along with network
consulting for WISPs, and business's with a focus on TCP/IP networking,
security, and Mikrotik routers.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of John Scrivner
Sent: Monday, November 27, 2006 4:17 PM
To: wireless@wispa.org
Subject: [WISPA] Wireless Security biting you in the ass?

Wireless broadband security issues have now officially led to my 
business being put into a bad light due to perceived lack of security. I 
am a member of a regional broadband planning group that is working with 
health care and other industry sectors to help deliver broadband options 
to all areas that need it. Rural Health centers and hospitals are all 
over the region and most need access to broadband which is highly 
secure. I need to know what others have done to bring HIPAA compliance 
assurance to network administrators and hospital personnel so that your 
solutions are chosen and used for health care connectivity. Currently my 
services are not being considered do to the perception of a lack of 
HIPAA security compliance. I need to get on top of this right now and 
welcome your thoughts and ideas. I would prefer to hear from those of 
you who have some actual knowledge of delivering HIPAA compliant 
connections or those who provide equipment which has been documented to 
meet HIPAA compliance.
Thank you,
John Scrivner

-- 
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/



-- 
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/

Reply via email to