Intensive Security
Posted: 10.04 - By Daniel Morris

A wireless hospital? Imagine medical records, lab reports, patient status—all available to a roaming hospital physician at the push of a button. Well, at the Children’s Hospital of Orange County (CHOC), a 202-bed pediatric care hospital located in the city of Orange, Calif., that employs a staff of more than 500 physicians, this scenario is practically a reality. Already physicians can access clinical data via PDA and, according to hospital VP and CIO Mark Headland, in November CHOC plans to implement a wireless “point of care” system. In other words, the traditional paper chart that has acted as a hospital patient’s record of treatment for decades is about to go digital.

There is, of course, one small snag. As we all know, where there is a WLAN there are security vulnerabilities. At a hospital like CHOC, the stakes are high. The Health Insurance Portability & Accountability Act of 1996 (HIPAA) mandates that health data that is transmitted or maintained electronically be kept secure and confidential. As CHOC moves closer to phasing out paper and relying on its wireless network to increasingly carry critical information, a patient’s health could potentially be placed at risk were the network disabled or otherwise unavailable, be it from a hacker attack or just accidental interference.

The Prescription

According to Headland, “We needed to start putting a lot more attention on security. I think a lot of hospitals in the past have sort of done security as an add-on.” To help defend CHOC’s WLAN, Headland turned to Network Chemistry, a company based in Palo Alto, Calif., that produces a radio sensor detection system called RFprotect. RFprotect utilizes purpose-built RF surveillance sensors that monitor across 802.11a, b and g bands, searching for rogue wireless devices (i.e., rogue APs, rogue bridges, ad-hoc networks, etc.), as well as watching for intruders and attacks—everything from war-drivers to DoS to MAC address spoofing. The sensors also look for vulnerabilities in the wireless network such as misconfigurations, weak implementations and breaches that might leave it exposed.

CHOC installed 10 sensors to cover all critical areas, which include the hospital and a portion of its clinical campus. As for the sensors,
Rob Markovich, CEO of Network Chemistry, explains, “They’re not access points, they just listen. They’re invisible to hackers. Even if [hackers] knew they existed, they couldn’t talk to these sensors and then try to use them to transmit back onto the network.”

While the sensors scan the air, a central server is archiving and assessing their findings. Then a Windows-based GUI presents the data in real time to the RFprotect Client Console. While CHOC has the system running on a single PC, Network Chemistry has since added a client server architecture to RFprotect so that operators can access the system via multiple laptops or PCs running the system software.

Markovich likens his company’s product to a trip wire. “It’s going to be the first to alert [Headland’s] team that suspicious things are going on. And they’ve got to be ahead of the curve—they can’t afford to find out after the fact that something’s been disabled.”

Headland agrees. As a digital record becomes more and more of a reality, he notes, “there is no tolerance for downtime. If we require our physicians and our nurses to get all their information from a computer and the system’s down and they have no alternatives, I don’t think they are going to tolerate even two hours of downtime.”

Feeling Fine

“It was really an easy roll-out,” remarks Dan Sanchez, chief security officer at CHOC. “I was really impressed with that.” He explains that the system took about an afternoon to implement, most of which was spent deciding where best to mount the sensors and where to link to IDF switches (the sensors utilize an Ethernet port). When it came to synching up the sensors, Sanchez comments, “The only caveat is, you have to be on the same network to discover the sensors … The setup is broadcast as long as you’re on the same segment delay. It takes maybe 10 seconds to discover and configure them.”

As for the results: “For the most part, we see misconfigured networks in adjacent buildings. We see that they’re just either not encrypted or Web-only networks. Their SSIDs are readily available to connect to.” Sanchez has also encountered mobile wireless devices, in particular a Sears van that uses wireless and sometimes comes within proximity of the building.

Sanchez remarks, “A majority of what your IDS discovers is valid traffic, and the tricky thing is determining what’s valid and what’s truly an attack. [RFprotect] really does a good job with that.” He says he’s been happy with the system so far, and while he wasn’t at liberty to discuss whether CHOC has experienced any malicious intrusions, he did say that the system has been “integral in identifying where there might be a problem.”

The Future Looks Bright

At CHOC, wireless technology has made an impact that can be measured in a very real and vital way—it helps the hospital staff do a better job, which translates to improved care for hospital patients. The future holds more improvements in store: Headland describes an initiative currently being considered by many hospitals called Computerized Provider Order Entry (CPOE), which would computerize the process of ordering medication in order to cut down on potentially fatal medication errors (illegibly written drug/dosage prescriptions being one culprit).

Obviously, a WLAN is only one component to help achieve these goals. But if a wireless network is going to bear these responsibilities, it must be backed up with the best security available. With RFprotect, staff, visitors and patients at CHOC can rest assured while reaping the benefits of better technology. •

Daniel Morris is a writer based in Brooklyn.


Leisure Publications