Deploying secure, reliable wireless LANs in the healthcare environment - Wireless

Health Management Technology, April, 2003 by Bill Sims

For many healthcare institutions, wireless LANs (WLANs) have become a key component of the IT infrastructure. WLANs have moved into mainstream use by providing greater efficiency and accuracy to users of such mission-critical applications as bedside medication administration, emergency registration, order entry, physician rounding and clinical documentation.

As the paper chart gives way to computer-based patient records, mobile devices are becoming the primary point of clinical communications. As the user base grows and mobile applications become increasingly mission-critical, the need for effective security and management of these networks becomes a top priority.

Yet for all of their benefits, wireless networks introduce significant risks and challenges to IT management.

Challenge # 1: Rogue Wireless Deployments

Unauthorized rogue access points are the most daunting challenge created by WLAN technology. A rogue access point provides easy access to the entire network infrastructure--and not just for a serious hacker, but for anyone with a wireless network adapter and an antenna within several miles of the rogue access point.

Rogues may be introduced by well-intentioned employees, physicians, consultants or contractors who install their own access points without regard to proper security configuration requirements. Rogues also can be created accidentally during deployment or maintenance of the wireless network by failing to properly configure an access point. Users also can create rogues by using the "ad hoc" wireless configuration feature that allows a PC to act as an access point.

PCs can create a rogue situation by connecting unknowingly to neighboring networks, a process known as "accidental association." The problem of rogues is so common that several websites, such as www.WIGLE.net, actually catalog thousands of open wireless networks. Stopping rogue deployment is a must for healthcare organizations.

Challenge #2: Malicious Hackers

Wireless networks provide anonymity and ease of access to the enterprise network. Unlike Internet hacking, the anonymous nature of WLAN hacking means that it is nearly impossible to track down a hacker's origin. This has made WLANs a popular entry point for stealing intellectual property or obtaining demographic and credit card information for identity theft or credit card fraud. Wireless hacking also provides a wealth of unwitting sources for e-mail spamming or malicious hacking into others' networks.

WLAN technology uses a notoriously weak encryption scheme inappropriately called Wired Equivalent Privacy (WEP). On a busy network, WEP can be cracked in a matter of hours. Wireless vendors have responded with more advanced solutions such as Microsoft's 802.1x/EAP and Cisco's Lightweight Extensible Authentication Protocol (LEAP). Many new products are available that protect the WLAN through the use of virtual private network (VPN) solutions. Although these technologies are a crucial part of any secure wireless deployment, they provide only part of the required security infrastructure.

Even when using WEP, LEAP or VPN technologies, all traffic at OSI layers 1 and 2 is available to the hacker, along with crucial management frames. There is no authentication involved at layers 1 and 2, so any hacker can pretend to be an access point or any legitimate network user. This has made it easy to create software to perform wireless Denial of Service attacks.

Because the hacker can see both sides of any conversation, "man-in-the-middle" attacks--which are difficult to execute on the Internet--are an easy task in the wireless realm. This is true even when VPNs are being used. (Refer to the draft RFC at www.ietf.org/internet-drafts/draft-puthenkulam-eap-binding-01.txt for an assessment of man-in-the-middle attacks against wireless VPNs.)

All wireless stations are at risk from the malicious hacker. Any PC with a wireless radio in it can be easily coaxed into associating with a hacker's PC, making any files on the PC readily available, regardless of any enterprise encryption or authentication scheme. A hacker can take advantage of this vulnerability to browse through the contents of a PC in a hospital--or on board an airliner. Although the likelihood of a malicious hack may be low, the risks are high because of the difficulty in detecting and thwarting an attack.

Challenge #3: Meeting HIPAA Security Requirements

Obviously, the recently published HIPAA security rule will have an impact on an organization's view of its wireless risks. The rule requires that data traveling over a public network be encrypted. (One can assume that a wireless LAN is by definition a public network.) WEP or any more advanced encryption scheme may be considered sufficient to meet this requirement, but the challenge will be ensuring that encryption is turned on throughout the enterprise.

HIPAA will require a means of ensuring that encryption integrity is maintained not only at deployment, but also during maintenance and upgrades. The rule will require a means of verifying, testing and documenting the proper security configuration, and that there is a mechanism in place for detecting and responding to attacks.
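As an added example (not from the article or its author), here is the kind of site-survey audit that addresses the rogue problem in Challenge 1 and the HIPAA verification requirement above: it compares constructed scan records against an authorized access point inventory and flags rogue and ad hoc access points, accidental associations, and authorized access points with encryption turned off or left on WEP. The record layout, BSSIDs, host names and the `audit_survey` function are all assumptions, not any real scanner's output.

```python
"""Audit a WLAN survey against an authorized access point inventory.
Added example; the record layout is assumed, not any real scanner's output.
"""

# Constructed inventory: BSSID -> SSID the hospital actually deployed.
AUTHORIZED_APS = {"00:11:22:aa:bb:01": "MedNet", "00:11:22:aa:bb:02": "MedNet"}

# Constructed survey records (mode: ap/adhoc; encryption: none/wep/wpa), one per article scenario.
SCAN = [
    {"bssid": "00:11:22:aa:bb:01", "ssid": "MedNet", "mode": "ap", "encryption": "wep"},
    # authorized AP left open during maintenance
    {"bssid": "00:11:22:aa:bb:02", "ssid": "MedNet", "mode": "ap", "encryption": "none"},
    # contractor-installed access point that is not in the inventory
    {"bssid": "00:11:22:cc:dd:03", "ssid": "linksys", "mode": "ap", "encryption": "none"},
    # PC using the ad hoc feature to act as an access point
    {"bssid": "02:aa:bb:cc:dd:04", "ssid": "MedNet", "mode": "adhoc", "encryption": "none"},
]

# Constructed client table: the BSSID each mobile device associated with.
CLIENTS = {
    "med-cart-07": "00:11:22:aa:bb:01",
    "rounding-laptop-12": "00:11:22:cc:dd:03",  # accidental association
}


def audit_survey(scan, authorized, clients):
    """Return (finding, identifier, detail) tuples for review and HIPAA records."""
    findings = []
    for rec in scan:
        bssid = rec["bssid"].lower()
        if rec["mode"] == "adhoc":           # ad hoc station posing as an AP
            findings.append(("ad-hoc-network", bssid, rec["ssid"]))
        elif bssid not in authorized:         # any AP outside the inventory
            findings.append(("rogue-ap", bssid, rec["ssid"]))
        else:                                 # authorized AP: check its configuration
            if rec["ssid"] != authorized[bssid]:
                findings.append(("ssid-mismatch", bssid, rec["ssid"]))
            if rec["encryption"] == "none":
                findings.append(("encryption-off", bssid, rec["ssid"]))
            elif rec["encryption"] == "wep":
                findings.append(("weak-encryption", bssid, "WEP"))
    for host, joined in clients.items():      # clients joined to non-inventory BSSIDs
        if joined.lower() not in authorized:
            findings.append(("accidental-association", host, joined))
    return findings


def encryption_enforced(findings):
    """True only when every authorized AP in the survey had encryption enabled."""
    return not any(kind == "encryption-off" for kind, _, _ in findings)
```

Re-running the audit after each deployment, maintenance window or upgrade, and keeping the returned findings, gives the documented verification trail the rule asks for.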
