ATM and VPN's

Tobia,Paul PTOBIA at CERNER.COM
Tue Mar 28 12:13:36 EST 2000 

The current draft HIPAA provisions regarding the security of electronic
healthcare information state that a POTS line is not secure and requires
encryption.  It is unclear the opinion on leased lines or any other
"managed" networks, and will hopefully be defined by the time the final
ruling comes out.  It's not a law or regulation (yet) but it looks like
encyption (and VPNs) will play a big part in electronic healthcare
transactions in the next 3 years.

-Paul

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Paul R. Tobia, Security Consulting Engineer
Cerner Corporation
What is the concept of defense: The parrying
of a blow. What is its characteristic
feature: Awaiting the blow.
                     -On War, C.V.Clausewitz

> -----Original Message-----
> From: Bennett Todd [mailto:bet at RAHUL.NET]
> Sent: Monday, March 27, 2000 12:22 PM
> To: VPN at SECURITYFOCUS.COM
> Subject: Re: ATM and VPN's
>
>
> 2000-03-21-03:59:20 Franco Sabaris, Javier:
> > If you don't trust your ATM carrier, I can't see why you should
> > trust your voice carrier, or your point to point circuits
> > provider. So, following the same idea, you should encrypt
> > every information (data or voice) that travels outside your
> > buildings. Isn't it a bit paranoic?
>
> Maybe so, maybe not.
>
> If you care about security in the face of determined attacks by
> knowlegeable attackers, then you protect data connections with
> encryption whether they're going over the general internet, an ATM
> link, or a dialup connection over a voice line.
>
> And if you are seriously concerned about the security of a
> piece of voice traffic, you don't discuss it over the phone;
> too many unscrupulous or even amoral people are tapping all
> telecommunications these days. That's why the "encryption" in every
> digital cellphone is deliberately crippled.
>
> There's a difference, though. People can, if they wish to, think
> about the security of specific comments and avoid speaking
> insecurely on the phone. People like to trust that computer
> connections are suitably secure for any traffic, and using VPNs over
> all telecommunication links we can give them that security.
>
> -Bennett
>

VPN is sponsored by SecurityFocus.COM

More information about the VPN mailing list