Case Study 4
by Anil Nayaki
Submission dat e : 12- Dec- 2017 02:04 PM (UT C- 0800)
Submission ID: 892937 126
File name : 12313_Anil_Nayaki_Case_Study_4 _7 7 5965_1150984 951.do cx (9.57 K)
Word count : 658
Charact e r count : 3851
29%
SIMILARIT Y INDEX
10%
INT ERNET SOURCES
4%
PUBLICAT IONS
29%
ST UDENT PAPERS
1 16%
2 4%
3 4%
4 4%
5 2%
Exclude quo tes On
Exclude biblio graphy Of f
Exclude matches < 3 wo rds
Case Study 4
ORIGINALITY REPORT
PRIMARY SOURCES
Submitted to Campbellsville University
St udent Paper
Submitted to University of Maryland, University
College
St udent Paper
Submitted to Laureate Higher Education Group
St udent Paper
Submitted to Northcentral
St udent Paper
Submitted to Boston University
St udent Paper
Case Study 4by Anil NayakiCase Study 4ORIGINALITY REPORTPRIMARY SOURCES
Home / My courses / Online / School of Business and Economics / 2017
/ October 23, 2017 / BA63370G317 / Week 4 / Case Study #3
Campbellsville University Online
My Submissions
Title Start Date Due Date Post Date
Grades
Available
Case Study #3 -
Case Study #3
17 Sep 2017
- 09:33
12 Dec 2017
- 23:59
31 Dec 2017
- 23:59
75
Summary:
Read Case Study #3 and answer all three "Discussion Points" in a clear but concise way. Be
sure to cite all external references.
Please remember this needs to be in your words. No cut and paste, No turning in other's work.
Any similarity scores of 30 or more will not be graded.
Please check back to review your similarity score. You can resubmit until the due date.
Case Study #3
21%
Submission
Title
Turnitin
Paper
ID
Submitted Similarity
View Digital Receipt Case Study 3 892939151 12/10/17,
23:18
Refresh Submissions
You are logged in as Anil Nayaki (Log out)
BA63370G317
School Resources
Library Access
Bookstore Access
Your Success Coach
Online Student Handbook
C9-1
CASE STUDY 9
ST. LUKE'S HEALTH CARE SYSTEM
Hospitals have been some of the earliest adopters of wireless local area
networks (WLANs). The clinician user population is typically mobile and
spread out across a number of buildings, with a need to enter and access
data in real time. St. Luke's Episcopal Health System in Houston, Texas
(www.stlukestexas.com) is a good example of a hospital that has made
effective use wireless technologies to streamline clinical work processes.
Their wireless network is distributed throughout several hospital buildings
and is used in many different applications. The majority of the St. Luke’s
staff uses wireless devices to access data in real-time, 24 hours a day.
Examples include the following:
• Diagnosing patients and charting their progress: Doctors and
nurses use wireless laptops and tablet PCs to track and chart patient
care data.
• Prescriptions: Medications are dispensed from a cart that is wheeled
from room to room. Clinician uses a wireless scanner to scan the
patient's ID bracelet. ...
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Case Study 4: Wireless Networks Improve Patient Care at St. Luke's Hospital
1. Case Study 4
by Anil Nayaki
Submission dat e : 12- Dec- 2017 02:04 PM (UT C- 0800)
Submission ID: 892937 126
File name : 12313_Anil_Nayaki_Case_Study_4 _7 7
5965_1150984 951.do cx (9.57 K)
Word count : 658
Charact e r count : 3851
29%
SIMILARIT Y INDEX
10%
INT ERNET SOURCES
4%
PUBLICAT IONS
29%
2. ST UDENT PAPERS
1 16%
2 4%
3 4%
4 4%
5 2%
Exclude quo tes On
Exclude biblio graphy Of f
Exclude matches < 3 wo rds
Case Study 4
ORIGINALITY REPORT
PRIMARY SOURCES
Submitted to Campbellsville University
St udent Paper
Submitted to University of Maryland, University
College
St udent Paper
Submitted to Laureate Higher Education Group
St udent Paper
Submitted to Northcentral
St udent Paper
Submitted to Boston University
St udent Paper
Case Study 4by Anil NayakiCase Study 4ORIGINALITY
3. REPORTPRIMARY SOURCES
Home / My courses / Online / School of Business and
Economics / 2017
/ October 23, 2017 / BA63370G317 / Week 4 / Case Study #3
Campbellsville University Online
My Submissions
Title Start Date Due Date Post Date
Grades
Available
Case Study #3 -
Case Study #3
17 Sep 2017
- 09:33
12 Dec 2017
- 23:59
31 Dec 2017
- 23:59
75
4. Summary:
Read Case Study #3 and answer all three "Discussion Points" in
a clear but concise way. Be
sure to cite all external references.
Please remember this needs to be in your words. No cut and
paste, No turning in other's work.
Any similarity scores of 30 or more will not be graded.
Please check back to review your similarity score. You can
resubmit until the due date.
Case Study #3
21%
Submission
Title
Turnitin
Paper
ID
Submitted Similarity
View Digital Receipt Case Study 3 892939151 12/10/17,
5. 23:18
You are logged in as Anil Nayaki (Log out)
BA63370G317
School Resources
Library Access
Bookstore Access
Your Success Coach
Online Student Handbook
C9-1
CASE STUDY 9
ST. LUKE'S HEALTH CARE SYSTEM
Hospitals have been some of the earliest adopters of wireless
local area
networks (WLANs). The clinician user population is typically
6. mobile and
spread out across a number of buildings, with a need to enter
and access
data in real time. St. Luke's Episcopal Health System in
Houston, Texas
(www.stlukestexas.com) is a good example of a hospital that
has made
effective use wireless technologies to streamline clinical work
processes.
Their wireless network is distributed throughout several
hospital buildings
and is used in many different applications. The majority of the
St. Luke’s
staff uses wireless devices to access data in real-time, 24 hours
a day.
Examples include the following:
• Diagnosing patients and charting their progress: Doctors and
nurses use wireless laptops and tablet PCs to track and chart
patient
care data.
• Prescriptions: Medications are dispensed from a cart that is
wheeled
7. from room to room. Clinician uses a wireless scanner to scan
the
patient's ID bracelet. If a prescription order has been changed or
cancelled, the clinician will know immediately because the
mobile device
displays current patient data.
http://www.stlukestexas.com/
C9-2
• Critical care units: These areas use the WLAN because
running hard
wires would mean moving ceiling panels. The dust and microbes
that
such work stirs up would pose a threat to patients.
• Case management: The case managers in the Utilization
Management
Department use the WLAN to document patient reviews,
insurance
calls/authorization information, and denial information. The
wireless
session enables real time access to information that ensures the
correct
level of care for a patient and/or timely discharge.
8. • Blood management: Blood management is a complex process
that
involves monitoring both patients and blood products during all
stages of
a treatment process. To ensure that blood products and patients
are
matched correctly, St. Luke’s uses a wireless bar code scanning
process
that involves scanning both patient and blood product bar codes
during
the infusion process. This enables clinicians to confirm patient
and blood
product identification before proceeding with treatment.
• Nutrition and diet: Dietary service representatives collect
patient
menus at each nursing unit and enter them as they go. This
allows more
menus to be submitted before the cutoff time, giving more
patients
more choice. The dietitian can also see current patient
information, such
as supplement or tube feeding data, and view what the patient
actually
9. received for a certain meal.
• Mobile x-ray and neurologic units: St. Luke’s has
implemented the
wireless network infrastructure necessary to enable doctors and
clinicians to use mobile x-ray and neurologic scanning units.
This makes
it possible to take x-rays or to perform neurological studies in
patient
rooms. This minimizes the need to schedule patients for
neurology or
radiology lab visits. The mobile units also enable equipment to
be
brought to the bedside of patients that cannot be easily moved.
The
wireless neurology and x-ray units have also helped to reduce
the time
between diagnosis and the beginning patient care.
C9-3
Original WLAN
St. Luke's first WLAN was deployed in January 1998 and made
the hospital
10. an early pioneer in wireless health care applications. St. Luke’s
first wireless
LAN was implemented in a single building using access points
(APs) made by
Proxim (www.proxim.com).
A principal goal of this initial installation was to improve
efficiency.
However, sometimes the WLAN had the opposite effect. The
main problem
was dropped connections. As a user moved about the building,
there was a
tendency for the WLAN to drop the connection rather than
performing the
desired handoff to another access point. As a result, a user had
to
reestablish the connection, log into the application again, and
reenter
whatever data might have been lost.
There were physical problems as well. The walls in part of the
building
were constructed around chicken wire, which interfered with
radio waves.
Some patients' rooms were located in pockets with weak radio
signals. For
11. these rooms, a nurse or doctor would sometimes lose a
connection and have
to step out into the hallway to reconnect. Microwave ovens in
the
kitchenettes on each floor were also a source of interference.
Finally, as more users were added to the system, the Proxim
APs, with a
capacity of 1.2 Mbps, became increasingly inadequate, causing
ongoing
performance issues.
Enhanced LAN
To overcome the problems with their original WLAN and reap
the potential
benefits listed earlier in this case study, St. Luke's made two
changes
[CONR03, NETM03]. First, the hospital phased out the Proxim
APs and
replaced them with Cisco Aironet (www.cisco.com) APs. The
Cisco APs, using
IEEE 802.11b, operated at 11 Mbps. Also, the Cisco APs used
direct
12. C9-4
sequence spread spectrum (DSSS), which is more reliable than
the
frequency-hopping technique used in the Proxim APs.
The second measure taken by St Luke's was to acquire a
software
solution from NetMotion Wireless (netmotionwireless.com)
called Mobility.
The basic layout of the Mobility solution is shown in Figure
C9.1. Mobility
software is installed in each wireless client device (typically a
laptop,
handheld, or tablet PC) and in two NetMotion servers whose
task is to
maintain connections. The two servers provide a backup
capability in case
C9-5
one server fails. The Mobility software maintains the state of an
application
even if a wireless device moves out of range, experiences
13. interference, or
switches to standby mode. When a user comes back into range
or switches
into active mode, the user's application resumes where it left
off.
In essence, Mobility works as follows: Upon connecting, each
Mobility
client is assigned a virtual IP address by the Mobility server on
the wired
network. The Mobility server manages network traffic on behalf
of the client,
intercepting packets destined for the client's virtual address and
forwarding
them to the client's current POP (point of presence) address.
While the POP
address may change when the device moves to a different
subnet, from one
coverage area to another, or even from one network to another,
the virtual
address remains constant while any connections are active.
Thus, the
Mobility server is a proxy device inserted between a client
device and an
application server.
14. Enhancing WLAN Security
In 2007, St. Luke’s upgraded to Mobility XE mobile VPN
solution [NETM07].
This migration was undertaken to enhance security and
compliance with
HIPPA data transmission and privacy requirements. Mobility
XE server
software was deployed in the IT department’s data center and
client
software was installed on laptops, handheld devices, and tablet
PCs.
With Mobility XE running on both clients and servers, all
transmitted
data passed between them is encrypted using AES (Advanced
Encryption
Standard) 128-bit encryption. Mobility XE also serves as an
additional
firewall; devices that are not recognized by the Mobility XE
server are not
allowed to access the network. This arrangement helped St.
Luke’s achieve
its IT goal of having encryption for all wireless data
communications.
15. Mobility XE also enables the IT department to centrally
manage all
wireless devices used by clinicians. This allows them to monitor
the
C9-6
applications currently being used by any device or user, the
amount of data
being transmitted, and even the remaining battery life of the
wireless device.
If a Mobility XE device is stolen or lost, it can be immediately
quarantined by
network managers.
IT executives at St. Luke’s view wireless networking as key
lever in their
quest to increase clinician productivity and improved patient
care. Mobile
EKG units have been deployed bringing the total of wireless
devices in use to
nearly a 1,000.
Discussion Questions
1. Visit the NetMotion Web site (www.netmotionwireless.com)
and access
16. and read other Mobility XE success stories. Discuss the patterns
that
can be observed in the benefits that Mobility XE users have
realized via
its deployment and use.
2. Do some Internet research on the security implications of
HIPPA
requirements for hospital networks. Discuss the major types of
security mechanisms that must be in place to ensure hospital
compliance with HIPPA requirements.
3. Do some Internet research on the use of VLANs in hospitals.
Summarize the benefits of using VLANs in hospitals and
identify
examples of how St. Luke’s could further enhance its wireless
network
by implementing VLANs.
Sources
[CONR03] Conery-Murray, A. “Hospital Cures Wireless LAN
of Dropped
Connections.” Network Magazine, January 2003.
[NETM03] Netmotion Wireless, Inc. “NetMotion Mobility:
Curing the
Wireless LAN at St. Luke’s Episcopal Hospital. Case Study,
2003.
Netmotionwireless.com/resources/case_studies.aspx.
17. [NETM07] Netmotion Wireless, Inc. “St. Luke’s Episcopal
Health System: A
Case Study in Healthcare Productivity.” 2007. Retrieved online
at:
http://www.netmotionwireless.com/st-lukes-case-study.aspx
http://www.netmotionwireless.com/
http://www.netmotionwireless.com/st-lukes-case-
study.aspxCASE STUDY 9Original WLANEnhanced
LANEnhancing WLAN SecurityDiscussion QuestionsSources
C11-1
CASE STUDY 11
CLOUD COMPUTING (IN)SECURITY
Cloud computing is reshaping enterprise network architectures
and
infrastructures. It refers to applications delivered as services
over the
Internet as well as the hardware and systems software in data
centers that
provide those services. The services themselves have long been
referred to
as Software as a Service (SaaS) which had its roots in Software-
Oriented
18. Architecture (SOA) concepts that began shaping enterprise
network
roadmaps in the early 2000s. IaaS (Infrastructure as a Service)
and PaaS
(Platform as a Service) are other types of cloud computing
services that are
available to business customers.
Cloud computing fosters the notion of computing as a utility
that can be
consumed by businesses on demand in a manner that is similar
to other
services (e.g. electricity, municipal water) from traditional
utilities. It has the
potential to reshape much of the IT industry by giving
businesses the option
of running business software applications fully on-premises,
fully in “the
cloud” or some combination of these two extremes. These are
choices that
businesses have not had until recently and many companies are
still coming
to grips with this new computing landscape.
Security is important to any computing infrastructure.
Companies go to
19. great lengths to secure on-premises computing systems, so it is
not
surprising that security looms as a major consideration when
augmenting or
replacing on-premises systems with cloud services. Allaying
security
C11-2
concerns is frequently a prerequisite for further discussions
about migrating
part or all of an organization’s computing architecture to the
cloud.
Availability is another major concern: “How will we operate if
we can’t access
the Internet? What if our customers can’t access the cloud to
place orders?”
are common questions [AMBR10].
Generally speaking, such questions only arise when businesses
contemplating moving core transaction processing, such as ERP
systems,
and other mission critical applications to the cloud. Companies
have
20. traditionally demonstrated less concern about migrating high
maintenance
applications such as e-mail and payroll to cloud service
providers even
though such applications hold sensitive information.
Security Issues and Concerns
Auditability is a concern for many organizations, especially
those who must
comply with Sarbanes-Oxley and/or Health and Human Services
Health
Insurance Portability and Accountability Act (HIPAA)
regulations [IBM11].
The auditability of their data must be ensured whether it is
stored on-
premises or moved to the cloud.
Before moving critical infrastructure to the cloud, businesses
should do
diligence on security threats both from outside and inside the
cloud
[BADG11]. Many of the security issues associated with
protecting clouds
from outside threats are similar to those that have traditionally
faced
21. centralized data centers. In the cloud, however, responsibility
for assuring
adequate security is frequently shared among users, vendors,
and any third-
party firms that users rely on for security-sensitive software or
configurations. Cloud users are responsible for application-level
security.
Cloud vendors are responsible for physical security and some
software
security such as enforcing external firewall policies. Security
for intermediate
layers of the software stack is shared between users and
vendors.
C11-3
A security risk that can be overlooked by companies
considering a
migration to the cloud is that posed by sharing vendor resources
with other
cloud users. Cloud providers must guard against theft or denial-
of-service
attacks by their users and users need to be protected from one
another.
22. Virtualization can be a powerful mechanism for addressing
these potential
risks because it protects against most attempts by users to attack
one
another or the provider’s infrastructure. However, not all
resources are
virtualized and not all virtualization environments are bug-free.
Incorrect
virtualization may allow user code to access to sensitive
portions of the
provider’s infrastructure or the resources of other users. Once
again, these
security issues are not unique to the cloud and are similar to
those involved
in managing non-cloud data centers, where different
applications need to be
protected from one another.
Another security concern that businesses should consider is the
extent
to which subscribers are protected against the provider,
especially in the
area of inadvertent data loss. For example, in the event of
provider
infrastructure improvements, what happens to hardware that is
23. retired or
replaced? It is easy to imagine a hard disk being disposed of
without being
properly wiped clean of subscriber data. It is also easy to
imagine
permissions bugs or errors that make subscriber data visible to
unauthorized
users. User-level encryption may be an important self-help
mechanism for
subscribers, but businesses should ensure that other protections
are in place
to avoid inadvertent data loss.
Addressing Cloud Computer Security Concerns
Numerous documents have been developed to guide business
thinking
about the security issues associated with cloud computing. Even
NIST has
weighed in on these issues [BADG11]. NIST’s
recommendations
systematically consider each of the major types of cloud
services consumed
C11-4
24. by businesses including Software as a Service (SaaS),
Infrastructure as a
Service (IaaS), and Platform as a Service (PaaS). While security
issues vary
somewhat depending on the type of cloud service, there are
multiple NIST
recommendations that are independent of service type. Several
of these are
summarized in Table C11.1. Not surprisingly, NIST
recommends selecting
cloud providers that support strong encryption, have appropriate
redundancy
mechanisms in place, employ authentication mechanisms, and
offer
subscribers sufficient visibility about mechanisms used to
protect subscribers
from other subscribers and the provider.
As more businesses incorporate cloud services into their
enterprise
network infrastructures, cloud computing security will persist as
an
important issue. Examples of cloud computing security failures
have to
25. potential to have a chilling effect on business interest in cloud
services and
this is inspiring service providers to be serious about
incorporating security
mechanisms that will allay concerns of potential subscribers.
Some service
providers have moved their operations to Tier 4 data centers to
address user
concerns about availability and redundancy. Because so many
businesses
remain reluctant to embrace cloud computing in a big way,
cloud service
providers will have to continue to work hard to convince
potential customers
that computing support for core business processes and mission
critical
applications can be moved safely and securely to the cloud
[HEAV11].
Discussion Points
1. Do some Internet research to identify businesses who have
suffered
because of cloud security weaknesses or failures. What can
companies
who are contemplating cloud computing services learn from the
negative experiences of these businesses?
26. 2. Do some Internet research on security mechanisms associated
with
virtualization. How can virtualization be used by cloud service
providers to protect subscriber data?
C11-5
3. Choose one of the following cloud services categories: SaaS,
IaaS,
PaaS. Do some Internet research that focuses the security issues
associated with the selected cloud service category. Summarize
the
major security risks associated with the cloud service category
and
identify mechanisms that can be used to address these risks.
Sources
[ARMB10] Armbrust, M., Fox, A., Griffith, R, Joseph, A.D.,
Katz, R.,
Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I.,
and Zaharia, M.
“A View of Cloud Computing.” Communications of the ACM,
Vol. 53, No. 4,
April 2010, pp. 50-58.
[BADG11] Badger, L., Grance, T., Patt-Comer, R., and Voas, J.
Draft Cloud
27. Computing Synopsis and Recommendations: Recommendations
of the
National Institute of Standards and Technology, Special
Publication 800-146,
May 2011.
[HEAV11] Heavey, J. “Cloud Computing: Secure or Security
Risk?”
Technorati.com, November 28, 2011. Retrieved online from:
http://technorati.com/technology/cloud-computing/article/cloud-
computing-
secure-or-a-security1/.
[IBM11] IBM Global Technology Services. Security and
Availability in Cloud
Computing Environments, Technical White Paper, June 2011.
http://technorati.com/technology/cloud-computing/article/cloud-
computing-secure-or-a-security1/
http://technorati.com/technology/cloud-computing/article/cloud-
computing-secure-or-a-security1/
C11-6
CASE STUDY 11Security Issues and ConcernsAddressing
Cloud Computer Security ConcernsDiscussion PointsSources