This page contains a Flash digital edition of a book.
Facilitated by the more efficient use


of computer hardware and the reduced requirements of air conditioning and electrical power, cloud computing also plays a very important role in reducing an organisation’s carbon footprint. Cloud computing has great potential


for healthcare operators as it enables better mobility as well as provides a solution to ensure business continuity in case of major disasters, such as floods, fire or earthquakes. However, it also introduces a number of new issues, particularly related to the sensitiveness of clinical records and their protection, which should be properly considered and addressed.


Cloud and security Most large enterprises have their own private cloud infrastructure, but small and medium businesses looking to embrace cloud computing will have to rely on public or community clouds. These type of cloud models operate in multi-tenancy mode, meaning that a single physical server or a storage device is partitioned among various customers. In a multi-tenant environment each


customer may have different security requirements. For example, a tenant


may be running a test environment that requires minimal protection while another tenant may be running a critical application handling sensitive data. There may be consequences impacting on all other tenants if the first system misbehaves or is taken over by malicious intruders. While providers should account


for such issues to provide a secure multi-tenant environment, in reality, due to the complexity of the cloud environment these events are not always easy to detect or prevent. Often, cloud providers may be able


to offer very sophisticated approaches to security beyond the capability of many businesses. However, a customer should not take this for granted. Typically, customers and cloud providers share the responsibility of security and privacy and each cloud model implies different responsibilities for each party. SaaS providers should be responsible


for securing customers’ data and applications, while customers will have to be careful to protect their access credentials. Under SaaS, password based authentication may not be a suitable option to protect the data. Individual users may select weak passwords or may


not protect their passwords adequately. Two-factor-authentication (e.g. user name and password, plus a one-time password or digital certificate) will provide greater protection in a SaaS scenario. PaaS providers should be responsible


for isolating customers’ computing environments, while customers are responsible for securing the applications that they develop. IaaS customers are responsible for


protecting operating systems and data, while providers should ensure adequate network segmentation and proper data partitioning between customers’ systems. IaaS customers are still responsible for backing up data, implementing access control mechanisms, establishing services that should be available over the Internet, installing and maintaining software and so on.


In circumstances where the provider is


responsible for backing up customers’ data (mostly SaaS or managed PaaS and IaaS) it is important to check with the vendor how long it would take to recover data in the case of a problem. This should be clearly stated in the Service Level Agreement (SLA). A series of technical and non-technical


Become a HISA Member and save on all HISA events


is healthcare your business?


Join the Health Informatics Society of Australia to maximise your ability to help build a healthcare future enabled by e-health.


Rural & Remote


Telehealth Conference Cairns 29 - 31 May 2011


SAVE $110 hic2011


brisbane 1 - 5 aug


SAVE $250


FREE for HISA members STATE EVENTS


Data Governance Melbourne 19 - 20 May 2011


SAVE $100


Pulse IT+ magazine subscription SAVE $99


AUSTRALIA'S FIRST AND ONLY HEALTH IT MAGAZINE


Do you like receiving special treatment? At HISA our members are special to us and we want to make sure you know it. HISA members save hundreds of dollars on HISA conferences and state-based events and are afforded VIP status at HIC - Australia’s premier and largest e-health conference.


Not a HISA member? Easily fixed! Visit us at the HISA website or give us a call.


Savings on HISA events - join or renew your membership and save hundreds on ALL HISA events this year!


www.hisa.org.au Improving Australian healthcare through technology and information www.pulseitmagazine.com.au Pulse+IT 39


Learn and share your knowledge and expertise amongst a national network


Keep abreast of latest


developments


Influence the agenda


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52