I only went to the Doctors…

7 May

I went to the Doctors recently. Didn’t expect to come across a security issue during my consultation, but…

I entered the consulting room, sat down, and we started to chat and the phone went.
The Dr informed me

“My colleague needs my assistance, I will be back in one minute”

So there I was all on my own in the consulting room, and gazed at his PC.

  • He was logged in
  • No screen lock
  • Various medical applications logged in
  • His smart card still in the reader

So I had the perfect opportunity to

  • Browse any of his patients health records
  • Modify, and digitally sign the records
  • Delete stuff

A few days later, curious about the issue, I relayed the story to trusted health professional about it. The reply was not quite what I expected

“I suspect most people would act in the same way. If you take the smart card out, and have to log back in again, it takes too long.”

This once again shows the complexity of the People / Process / Technology triad. What seems at first sight a people failure, transpires to be a technology failure causing a adverse people reaction.

What security failures have you seen recently, what has been the cause – please leave your comments below.

One Response to “I only went to the Doctors…”

  1. Andrew Findlay August 6, 2013 at 11:14 #

    There certainly is a technology problem there, though I suspect the human problem would not just go away if you fixed it…
    Pulling out the smart card should lock the screen and the applications. Putting it back in should re-enable them all instantly. Should not be that hard to do. In fact, Sun did better than that years ago with the desktop that followed you around: *wherever* you plugged in the smart card, your own desktop would appear within a couple of seconds. No data or state was ever held in the desktop hardware, so much easier to control the security too.

Please join the discussion, we welcome your views...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 518 other followers