Taking a serious approach to mobile usage in hospitals

Most hospitals in the country discourage the use of mobile phones in the wards as they believed to interfere with medical equipment used to monitor patients. A total ban, however, has never been carried out, while it was prohibited in other countries. Although some of these countries have relaxed this ban due to pressure from doctors & patients, a new research undertaken by Dutch scientists indicates the need to revert to the old ways and for our hospitals to be more firm on this issue. Researchers found that mobile phone signals can interfere with medical equipment more than 2.8 metres away. A signal from a mobile phone switched off an automatic pump used to deliver life-saving medicines, interfered with a heart monitor & confused an external pacemaker.

Although most of the effects were seen when the phones were within one metre of the equipment, the study also revealed that mobile phones were capable of switching off or affecting life-saving equipment from a distance of 3 metres. The risk to certain life-saving devices was great enough to justify a ban. However, unlike a ban on smoking in hospitals, it will be tough to enforce a ban on mobile phone usage in our hospitals based on 2 factors. Firstly, the widespread usage of mobile phones in the country, & secondly, is the convenience it accords for healthcare workers & patients. Almost everyone owns a mobile phone & carry it wherever they go. We use it without giving much thought about the surroundings. At petrol stations too, some people continue to use it, ignoring the risk of causing an explosion.

For doctors, instead of depending on pages, the mobile phone has made it easier for them to be contacted. And for patients, a mobile phone is a necessary to keep in touch with family & friends while they recuperate in hospitals. Over the years, similar studies have been undertaken & revealed that mobile phone signals could confuse life-saving electronics. However, we have taken a lackadaisical attitude on this matter, arguing that there is no convenience overrules all other matters. However, considering the latest study & the possibility of killing patients yne the process, we should take a serious approach on mobile phone usage in hospitals.

Reducing risks by zeroing on mission-critical areas

Too often, companies focus strictly on technology rather than taking necessary steps to lock down the IT environment in a crisis. Companies need to business processes, procedures and workflow to be in a better position to meet its IT security needs. Everybody has a different threshold of pain. Recognising your company's 'threshold of pain' is an important part of your security strategy because it forces you to identify the areas that are mission-critical to your business.

Identify physical assets

The first step is to identify your company's IT assets, including physical assets such as notebook computers & portable storage devices. Once you know what you have & what you need to protect, you can recommend appropriate solutions & processes, including systems and network configurations, patch management, and hardware & software upgrade paths.

Assess your business processes

Next, analyse your business processes with security in mind. An upfront assessment of core processes goes a long way toward identifying weaknesses & potential failure points. By making this procedure mandatory, it's possible to eliminate days, weeks or months of unauthorised access.

Rank your security needs by importance

After you have finished your business process analysis and made any necessary changes, it's time to prioritise security needs. A basic numerical rating system that ranges from 1 to 3 (low, medium & high) should provide a starting point to determine which systems & assets are most important.

Tips on developing effective plans

Focus on events, not timelines. Although it's often wise to develop a detailed 1, 2-, or 5-year plan for IT security, know that security is a moving target. New technologies & new threats are constantly emerging.

Define security responsibilities across the organisation. Embed them in job descriptions to make security management real. Outline a series of steps to follow during a security incident. This can help prevent employees from panicking in the heat of the moment. After any incident, discuss what worked & what didn't.

Develop a security approach that's flexible but enforceable. You don't wan't to prevent people from doing their work & you don't want to undermine productivity. Striking a balance between practicality & security is a delicate matter, especially as organisations become larger and their IT infrastructure becomes more complex.

Finally, monitor systems and log files on a regular basis. This helps to identify potential problems & respond to changes quickly & efficiently. Use a comprehensive IT security solution to obtain a dashboard view your entire infrastructure from desktops, to the network & servers.

Recovering from a virus attack

Computer viruses are small programs that are specifically written to alter the way a computer operates, without the permission or knowledge of the user. To classify as a virus, it must meet 2 criteria:

1) it must execute itself, and it will often place its own code in the path of execution of another program; and
2) it must replicate itself. For example, it may replace other executable files with a copy of the virus infected file. If your business has suffred a virus attack & your network has been compromised, you'll need to act fast in order to prevent the virus from spreading to other computers on your network. Here are some recommendations on how to quickly get your business backp up & running again:

- Disconnect & isolate

If you suspect one of your computers has suffered a virus attack, immediately quarantine the computer by physically disconnecting it, as infected machines pose a danger to all of the other computers connected to the network. If you suspect other computers may be infected as well, even if they aren't displaying any symptoms, still treat them like they are, as it's counter-productive to clean one machine while an infected computer is still connected to the network.

- Focus on the clean up

Once you have physically disconnected the computer, you'll need to then focus on removing the malicious code. Use virus removal tools that are written for the specific virus that's causing the damage. Many of these tools can be found on the Internet. In addition, your anti-virus software should have updates or patches available for the specific security threat.

- Reinstall your operating system

After a virus attack, damages may range from changed filenames to obliterated files to permanently disabled software applications. the extent of damage depends on the particular virus. If your operating system (OS) is completely destroyed, you'll need to reinstall your OS by using the quick restore CD that came with your computer. This will restore your computer to its original configuration, meaning that you'll lose any applications you may have installed or data files you may have saved. So, before you begin the reinstallation process, make sure you have all the necessary information handy (for example, the original software, licences, registration, & serial numbers).

- Restore your data

This is assuming that you have been diligent about backing up your files. If you haven't been doing a regular backup of all of the data & files on our computer's hard drive, your files will most likely be permanently lost. If this is the case, learn from your mistake and make sure to back up on a regular, ongoing basis from now on. And keep in mind not all viruses target data files. Some attack only applications.


- Scan for viruses

After restoring & reinstalling, subject your network to a thorough virus scan. Use the most recent virus definitions available for your anti-virus software. Be careful not to overlook anything; scan all files & documents on all computers and servers on your network.

- Prevent future attacks

Run anti-virus software & keep virus definitions current. Make sure your security patches are up-to-date. And if you haven't been running anti-virus software, begin to immediately in order to prevent future attacks. Also, if you lost data files in the recent attack, create & enforce a regular backup schedule.

Moreover, change all of your passwords, including Internet service provider access password, file transfer protocol, e-mail, & Web site passwords. Some viruses can capture or crack passwords, leading to future vulnerabilities.

Above all, learn from your mistakes. If a virus penetrated your defences, consider changing or enhancing your current security patches. Ask yourself why your previous security measures weren't effective. Did you need a firewall? Were you lax about updating virus definitions & security patches? Did you download files without scanning first? Comb through, edit & reinforce your IT security policy, as you'll need to shore up the holes in your security practices. Prevention is always the best security policy.