Embed Size (px)
Citation preview
Salem Health
Tech Talk – iPhones, Laptops and Rogue Devices, OH MY!
Industry Trends
Bring Your Own Device (BYOD) and the “Consumerization of IT”• Can we realize cost savings with not providing
company owned and managed cell phones?• Our staff now expects to be able to use their own
devices to access:– Email, Calendar and Sharepoint– Demand for EMR– And other applications
• So, the question is: Will we as an organization support our end users or will we continue to tell them “No, we do not support that.”?
Salem Health
Current Environment
Salem Health Current Security Policy Regarding Smart Phones and Tablets• iPhones and iPad’s are allowed.
– End user must sign hospital policy document.– Must be managed by MS Exchange server.– Local password/PIN on device is required.– Local encryption is required.
• Blackberries are supported through a Blackberry Enterprise Server (BES).– Salem Health is currently phasing out the
practice of providing Blackberries (and all cell phones) to staff.
• Everything else is not allowed at this time.
Salem Health Current WiFi Environment• Coverage, Capacity and Quality (CCQ)
• Limit number of broadcast SSID’s to minimize WiFi overhead
• “Dense” deployment = 60’ average spacing between AP’s with AP’s deployed at the corners and edges of the floor. (Equates to 1 AP per 2200 to 2500 square feet depending on the shape of the building)
• Smartphones and tablet radios are typically 10% of an Access Points max power.
What is connected to Salem Health WiFi?• ~1000 unique wireless guest users in a 24 hour
period. Peak of about 400 during the day.• ~700 Voice over WiFi phones.• ~50 temperature sensors• ~600 CIM’s and laptops• ~200 smart phones (blackberries and iPhones) • ~900 Infusion Pumps• ~20 EKG machines• Plans WiFi Clocks, RFID tags and an additional
800 VoWiFi phones
Troubleshooting Tools• What to do when the vendor blames the network?
– Multi Channel Wireless Packet Sniffer– Spectrum Analyzer– Site Survey Tools– VoWiFi Analysis Tools
Salem Health
Where we need to be for Information Services to support BYOD
Network Profiling, Network Access Control and Mobile Device Management• Accurate Network Device Profiling is Critical!
– Identify what and who is connected where• Posture Assessment
– Patched? Antivirus? • User/Role Based Access Control:
– Grant Access to permitted resources, restrict access to everything else.
• Smart Phone and Tablet Management (MDM)– Auto Enrollment for End users– Push WiFi and VPN security settings, Apps– Control password policy and local encryption
Salem Health
Lessons Learned
Lessons Learned
• Not all 802.11 devices are not the same– Many medical devices advertise “802.11g” but
only communicate at 1mbps or 2mbps. This will degrade performance for the rest of the devices within range.
– Client devices control the roaming behavior– When choosing a VoWiFi vendor, choose a
vendor with experience and fully test in your environment prior to rolling out. Do not choose a 1st generation VoWiFi handset. Ask for references and speak with them regarding their experiences.
