Revisiting mHealth with Dr. Ruchi Dass, Part 2

Today, we finish our conversation with Dr. Ruchi Dass on mobile health trends. We left off last week talking about the security issues surrounding mHealth. Below, Dr. Dass tells us more about mitigating security risks and what still needs to happen for mHealth to be fully optimized. Dr. Ruchi Dass: To mitigate the risks authentication systems raise, it is essential that they be designed to offer individuals control over their personal information by supporting traditional principles of fair information practices. While these principles have long formed the basis of federal and state law, industry rules of best practice, and international agreements related to information privacy protection, their application to authentication systems must be carefully considered and articulated so as to take into account the complex and unique questions raised by the technology. In fact, because fair information practices are often ignored in the current use of authentication, the move to new authentication systems offers implementers the ability to offer stronger privacy protections if privacy issues are addressed in the design of the technology. On the technology front, these risks may be mitigated through deployment of diverse authentication products, by decentralizing their design and limiting the amount of personal information collected. It discusses the importance of applying fair information practices to the management of authentication data. Also, computer and mobile solutions should be designed and implemented using an enterprise-wide architectural methodology. An architectural methodology helps IT by providing a framework to consider all of the major issues, highlight the interdependencies and facilitate decision making between conflicting tradeoffs. VPN Haus: What are the major barriers that need to be overcome before mHealth can be...

Revisiting mHealth with Dr. Ruchi Dass, Part 1

In 2010, we spoke with Dr. Ruchi Dass,  on mobile health trends. We touched base with her again to find out, nearly two years later, what’s changed – and what’s on the horizon. VPN Haus: We last spoke in 2010, what’s the dramatic change in mHealth since then? Dr. Ruchi Dass: There is a lot of progress, promise and action since then. The World Health Organization (WHO) is tracking mHealth progress globally and is also examining the impact mobile networks and the Internet are already having on improving access to healthcare worldwide. WHO is also learning and conceptualizing ways to multiply reach moving forward, by surveying member states on their individual mHealth activities and concerns. One hundred twelve countries responded to the WHO call with 83% indicating they have already implemented at least one mHealth initiative. South East Asia, the Americas and Europe were the regions with the highest percentage of countries reporting initiatives. VPN Haus: You mentioned when we last spoke, secure data in transit and authentication were the major security concerns surrounding mHealth. What strides have been made in mitigating these concerns and what challenges remain? Dr. Dass: Interoperability is still a concern in the absence of proper standardisation methodologies. There are major security concerns related todata privacy, and hence, policies need to be put in place for achieving interoperability and implementing data standards amongst all facets of health IT integration, including clinical and non clinical information. To best leverage enterprise participation and potential of online/mobile networks data exchange; authentication systems often must collect and share personally identifiable information, raising potential risks to privacy. To mitigate the risks authentication systems raise,...

What’s Trending on Mobile Security?

As we’ve see over the last several years, mobile security continues to dominate the headlines and trade show chatter. So how is the conversation around mobile security taking shape, so far, in 2012– what’s new and what can expect? Here’s a round-up of what top security experts and thinkers are predicting. Anti-Theft Protection – “If mobile devices aren’t under attack to the extent that PCs are, mobile devices still carry a well-known security risk: they tend to get lost or stolen. That fact alone should be reason enough for businesses to take a more rigorous approach to securing mobile devices, including tracking them when they go missing, and ensuring that remote-wipe capabilities are in place should it be too difficult to recover the devices.”—Mathew J. Schwartz, journalist at InformationWeek. Mobile VPN – “A VPN that is designed to easily adapt to network changes and that enables seamless mobile roaming is the best option for teleworkers. Solutions should allow devices to automatically change between 3G/4G, Wi-Fi and LAN networks, for example, redirecting the VPN tunnel without interrupting mobile computing sessions. The VPN should also automatically recognize secure and unsecure networks, activating the appropriate firewall and security policies as needed.”—Rainer Enders, CTO Americas, NCP engineering. Malvertising – “Malvertising has been one of the banes of Web for years and it is starting to go mobile. Malvertising is when there are genuine looking ads that link back to fraudulent sites that can download malware to a device.”—Dan Rowinski, journalist at ReadWriteWeb. Sensitive Data Breaches – “Hackers are targeting mobile platforms not just because they can but also because these devices offer a...

What's Trending on Mobile Security?

As we’ve see over the last several years, mobile security continues to dominate the headlines and trade show chatter. So how is the conversation around mobile security taking shape, so far, in 2012– what’s new and what can expect? Here’s a round-up of what top security experts and thinkers are predicting. Anti-Theft Protection – “If mobile devices aren’t under attack to the extent that PCs are, mobile devices still carry a well-known security risk: they tend to get lost or stolen. That fact alone should be reason enough for businesses to take a more rigorous approach to securing mobile devices, including tracking them when they go missing, and ensuring that remote-wipe capabilities are in place should it be too difficult to recover the devices.”—Mathew J. Schwartz, journalist at InformationWeek. Mobile VPN – “A VPN that is designed to easily adapt to network changes and that enables seamless mobile roaming is the best option for teleworkers. Solutions should allow devices to automatically change between 3G/4G, Wi-Fi and LAN networks, for example, redirecting the VPN tunnel without interrupting mobile computing sessions. The VPN should also automatically recognize secure and unsecure networks, activating the appropriate firewall and security policies as needed.”—Rainer Enders, CTO Americas, NCP engineering. Malvertising – “Malvertising has been one of the banes of Web for years and it is starting to go mobile. Malvertising is when there are genuine looking ads that link back to fraudulent sites that can download malware to a device.”—Dan Rowinski, journalist at ReadWriteWeb. Sensitive Data Breaches – “Hackers are targeting mobile platforms not just because they can but also because these devices offer a...