
Hi,
A friend of mine works in a doctor's office. The server is on one corridor of the building, and the users on that side are hard wired directly to a router.

The staff across the hall (new space) have not connected yet.
Can wireless be used? What encryption scheme is necessary?
They are about 50-75 yards from the server. Will a repeater need to be installed to 'boost' the signal? What frequency should be used? They do not want a screen refresh delay.

Please be as specific as possible with your solution.
The provider of the best solution's name will be provided to the user if you desire.

Regards,

Dick

2007-11-15 01:51:38 · 3 answers · asked by D L 2 in Computers & Internet Computer Networking

Correction: HIPAA

2007-11-15 02:31:03 · update #1

3 answers

As an absolute minimum you need to protect the data being stored, used and transmitted from access by unauthorized parties and you need to have reasonable measures and procedures in place to detect and prevent unauthorized access attempts.

For a wireless system I would implement a layered approach, including the following as a minimum:

1. WPA encryption with shared secret.
2. RADIUS authentication.
3. IPSEC or L2TP VPN between wireless clients and the hard-wired network.

These will ensure that the wireless signal is encrypted, the data on the wireless network is encrypted separately from the WAP to client session and all users are properly authenticated on the back end before they are allowed to connect.

Other required actions:

1. Complex SSID.
2. SSID broadcasts turned off.
3. MAC filtering.
4. Complex passwords enforced -- upper & lower case + numeric or special character.
5. Minimum password length of 8 characters. 12 would be better.
6. Passwords expire every 30 days.
7. Last 20 passwords remembered.
8. Enable syslog logging of all wireless access points.

Make sure that auditing of all logons is turned on and that someone actually reviews the logs for evidence of attempts at unauthorized access. Use of a 3rd party application to report on unsuccessful logon attempts in real time is highly recommended.

Ensure that someone reviews the syslog logs for evidence of unknown access attempts. Yes, this means that you need to manage the authorized MAC addresses of the equipment on the network. Again, real time notification of unauthorized access attempts is highly recommended.

Ensure that access to the data on the backend is tightly controlled and limited to the absolute lowest level necessary for people to do their jobs. Yes, this means that the docs and the office manager do NOT get admin access to the network. Any user who needs admin access (should be no more than 2 or 3) must have a separate logon account for admin duties. NEVER grant admin access to an ordinary user account.

Recommended practices:

1. Perform a signal strength survey outside of the authorized use areas to ensure the least possible leakage. Tune power output of the WAPs to ensure client connectivity where authorized and none outside of those areas. Yes, this means that you will probably need multiple WAPs. And no repeaters!

2. Only use wireless where wired Ethernet is impossible or will be significantly more costly than wireless.

3. If any laptops are used, use a 3rd party hard drive encryption package such as Encryption Plus. Without the proper user ID and password, the hard drive is a paperweight.

4. Consider using hard drive encryption on ALL computer systems to protect against disclosure of patient information in case of theft of the equipment.

If any of this is alien to you I would urge you to hire a consultant with documented HIPAA experience and/or a certified computer systems security specialist such as a CISSP.

2007-11-15 03:18:23 · answer #1 · answered by Bostonian In MO 7 · 0 0
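An added example (not part of the answer above) of the syslog review that answer #1 recommends: it checks access-point log lines against the list of authorized MAC addresses and reports stations that are not on it. The hostapd-style line format, the host names and the MAC addresses are constructed assumptions; adjust the pattern to the log format your WAPs actually emit.

```python
import re
from collections import Counter

# Assumption: hostapd-style syslog lines forwarded by each WAP.
STA_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s.*?"
    r"STA\s(?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\s(?P<event>.+)$"
)

# Constructed sample data (locally administered MACs, hypothetical WAP names).
AUTHORIZED = ["02:00:00:AA:00:01", "02-00-00-aa-00-02"]
SAMPLE_LOG = [
    "Nov 15 09:02:11 wap-east hostapd: wlan0: STA 02:00:00:aa:00:01 IEEE 802.11: associated",
    "Nov 15 09:05:40 wap-west hostapd: wlan0: STA 02-00-00-AA-00-02 IEEE 802.11: authenticated",
    "Nov 15 09:07:13 wap-west hostapd: wlan0: STA 02:00:00:ff:00:09 IEEE 802.11: authenticated",
    "Nov 15 09:07:14 wap-west hostapd: wlan0: STA 02:00:00:FF:00:09 IEEE 802.11: associated",
    "Nov 15 09:08:00 wap-west kernel: eth0: link up",
]

def normalize_mac(mac):
    """Lower-case and use ':' separators so differently written MACs compare equal."""
    return mac.lower().replace("-", ":")

def find_unknown_stations(lines, authorized):
    """Return one record per (WAP, MAC) pair seen in the log but not on the allowlist."""
    allow = {normalize_mac(m) for m in authorized}
    events = Counter()
    first_seen = {}
    for line in lines:
        m = STA_RE.match(line)
        if not m:
            continue  # not a station event (e.g. kernel messages)
        mac = normalize_mac(m.group("mac"))
        if mac in allow:
            continue
        key = (m.group("host"), mac)
        events[key] += 1
        first_seen.setdefault(key, m.group("ts"))
    # MAC addresses are client-reported: a match is a hint, not proof of identity,
    # so this review complements the authentication layers rather than replacing them.
    return [
        {"wap": wap, "mac": mac, "events": n, "first_seen": first_seen[(wap, mac)]}
        for (wap, mac), n in events.items()
    ]

if __name__ == "__main__":
    for alert in find_unknown_stations(SAMPLE_LOG, AUTHORIZED):
        print("UNKNOWN STATION:", alert)
```

Run on a schedule, or fed from a tail of the syslog file, the returned records can drive the real-time notification the answer calls for.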

Hi, instantaneous technologies is comparable as LAN (community section community). The version is you're connecting devoid of utilising RJ45 cable in instantaneous technologies. Using instantaneous technologies is quite good. You do not might desire to have wires and it makes you comfortable once you artwork. There is not something differences between the two considered one of them. Desire this enables you.

2016-09-29 07:07:42 · answer #2 · answered by ? 4 · 0 0

It's actually HIPAA, and a good place to start looking is http://www.hipaa.org/

2007-11-15 01:56:35 · answer #3 · answered by Paul A 4 · 0 0
