Network+ a Guide to Networks 6th Edition Case Project 14.1

Network+ a Guide to Networks 6th Edition

Case Project 14-1

1. In your opinion, list three critical points of failure in the network described in Case Project 14-1 and why?

• Network security is surely an issue. A medical hospital would have to be very concerned about the security of patient’s medical records. The Health and Insurance Portability and Accountability Act (HIPAA) requires that patient’s records remain private and secure, and there are certain laws within the act that govern how to handle patient information. HIPAA is one of the greatest concerns for medical facilities because violations are very costly. This being the case I think the one firewall is not enough security for the hospital network.

• Access control would be another important issue when trying to prevent HIPAA violations. There needs to be a way of controlling access to patient records, so that hospital staff only have access to files and records of the patients in their care, or to information pertinent to their position. This is also important when pertaining to hospital employee, and financial records.

• Having only one gateway with a T3 connection could also be a huge issue. In a hospital the internet is very important when communicating with other facilities in the region, and even consulting doctors from around the globe. If that gateway or Line were to fail the hospital would be cut off from the internet. I think that having only one connection and no redundancies in place is a huge issue.

2. What would you recommend to make these potential failure points more robust?

• Okay so with the firewall, there should not only be a firewall at the gateway, this is great for keeping out external threats but what happens when the threat has access from within the network? There should be a firewall restricting access at every server, workstation, and between departments. Not only should the network be secure from external threats, but also from any internal security...