Reply to post: Re: For Pete's sake

Medicos could be world's best security bypassers, study finds

lpcollier

Re: For Pete's sake

Nice idea, the problem is that NHS IT is a mess. A total mess. It's not a case of just logging into a workstation, it's a case of logging into anything from three to fifteen different clinical information systems depending on the specialty. Many of those are "web based" (usually tied to an ancient version of Internet Expolorer complete with obsolete ActiveX controls) and require separate passwords. They all have different password requirements and different password expiry lengths. The ubiquitous smart card is a great way to STEAL passwords, by having the smart card in situ then inviting a colleague to log in to something, the password management software will happily (and often silently) record their credentials. Genius! Probably the most secure approach to hospital computer systems I've seen is to have everything in virtual Windows instances in a server farm with the workstations purely acting as host displays, with a smart card or other token to reconnect to each user's desktop. It's fast, pretty secure and very convenient, but also very expensive.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019