UK Government’s £4bn investment in the NHS with the aim of going paper-free by 2020. Kyle Lady at Duo Lab have the following comments on it.
Kyle Lady, at Duo Security:
“While this may seem like an easy step toward savings and cutting down on paper usage, there are significant security challenges if this initiative is not considered thoroughly.
All too often, security is thought of as something you apply to the product once you’ve built it. In reality, for a product or system to be secure enough for high-value information (like the medical records of an entire country), it has to be designed with security in mind. When healthcare.gov, the US health insurance exchange website, was first rolled out, there were a litany of security vulnerabilities that allowed attacking to steal identities of users. It took tens of millions of dollars to fix the already-over budget system’s security and performance problems. Much of this could have been avoided by bringing in security experts early in the design process.
This certainly is the way of the future, but that future could be one of leaks of patients’ most private information if NHS’s systems aren’t designed from the ground up with security in mind.”
[su_box title=”About Duo Security” style=”noise” box_color=”#336588″]Duo Security is a cloud-based access security provider protecting the world’s fastest-growing and largest companies and thousands of organizations worldwide, including Box, Etsy, Facebook, K-Swiss, The Men’s Wearhouse, NASA, Palantir, Paramount Pictures, Random House, Toyota, TripAdvisor, Twitter, Yelp, Zillow, and more. Duo Security’s innovative and easy-to-use technology can be quickly deployed to protect users, data, and applications from breaches, credential theft and account takeover. Duo Security is backed by Benchmark, Google Ventures, Radar Partners, Redpoint Ventures and True Ventures.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.