Posted on 12/06/2008 4:39:18 PM PST by Swordmaker
SAN FRANCISCO Internet security is broken, and nobody seems to know quite how to fix it.
Despite the efforts of the computer security industry and a half-decade struggle by Microsoft to protect its Windows operating system, malicious software is spreading faster than ever. The so-called malware surreptitiously takes over a PC and then uses that computer to spread more malware to other machines exponentially. Computer scientists and security researchers acknowledge they cannot get ahead of the onslaught.
(Excerpt) Read more at nytimes.com ...
At work I’m STRONGLY advocating a policy I came up with that forbids internal networks and computers to have any physical path or access to the internet at all. I have created an entirely separate physical network that computers can use to go online. In all work areas there can be a computer that is there for internet use, and internet use ONLY.
So far, I’m running into stiff resistance, so I doubt it will happen. Being a hospital, I don’t think we can or should risk any computer that handles patient information to have access to the internet. At least I tried.... Two years ago I found a key logger running on a registration computer. I went screaming to my boss about it, and his eyes glazed over when I tried to explain to him what a key logger was(typical IT director).
Or is MFS--T?
bookmark
That's right.
Amazing << Hear this. Feel this, and tell me that this isn't music.
Groove to Black Violin EPK, too.
CIS student here. Just out of curiosity, could you expand a little bit? How did you plan to physically house a second network parallel to your hospital’s existing intranet?
Awesome stringz, sometimes words have no place in music...
If you need web browsing you can set up a filtered proxy server. If you need email, you can set up an internal SMTP server.
That is the way most businesses handle it.
Tech ping!
I knew his brothers, Wackoof and Jackoff!
Bump
That's what we do. We also use firewalls. Malware still sometimes gets through via Internet Explorer.
Um, you can’t give your account root level privs in the GUI, and hacking your account in terminal is a big pain. Not on a Mac, sorry.
Another approach might be to separate servers from clients. Keep your patient data on Unix machines with no GUI. Access it from Windows, or better yet, use thin clients. These might have a web browser, but it would run on a Unix box and be served remotely over the network.
This would be more economical and more secure, and is one of the newer approaches to IT architecture aimed at businesses where security is more important than convenience.
Of course, workers might complain about not being able to goof off. You’d have to tell them that the computers are for work.
” hacking your account in terminal is a big pain. “
FOR YOU MAYBE, BUT NOT FOR SOMEONE THAT KNOWS WHAT THEY ARE DOING.
” I found a key logger running on a registration computer. “
Save your breath. “You have no privacy, get over it.” S McNealy.
NICE CAPS.
Then tell us how it’s done in Mac OS X 10.5.5.
Oh, and before you flip the “what, you don’t know either?” back at me, I already have the tech note up on my screen.
Here’s a hint - root is turned off by default.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.