Mobile devices, apps open for attacks
July 30, 2014 in Medical Technology
The developer described the security of the app, Base 64 encryption — something that doesn’t quite actually exist.
“Base 64 is not an encryption mechanism; it’s an encoding mechanism,” said Johnson. “That’s like saying because I spoke in French and you don’t understand French, it’s secure.”
Because of this, and other apps and third-party vendors out there, Johnson recommends healthcare organizations verify vendors’ security and make it part of their contract.
Internet of Things devices also were found to have insufficient authorization, HP officials pointed out, with some 80 percent of IoT devices failing to require sufficient passwords.
“While the Internet of Things will connect and unify countless objects and systems, it also presents a significant challenge in fending off the adversary given the expanded attack surface,” said Mike Armistead, vice president and general manager, Fortify, Enterprise Security Products, HP, in a July 29 press statement. “With the continued adoption of connected devices, it is more important than ever to build security into these products from the beginning to disrupt the adversary and avoid exposing consumers to serious threats.”
Other report findings included: