Running Head: IMPROVING THE SECURITY OF HOSPITAL’s IT SYSTEM 1

Week 8 Assignment

Improving the Security of Hospital, It System

Name of Student

Name of Institution
IMPROVING THE SECURITY OF HOSPITAL’s IT SYSTEM 2

Improve the Security Of Hospital’s IT System.

1. QUESTION 1 LIST OF IT ASSETS. List the IT Assets that Hospital IT system is going to need to
fulfil the mission. You should consider the INTRANET of the hospital and list the Hardware and
software components of the complete IT system.

The Hospital Network's attempts to enhance quality, productivity and profitability will need to be

backed by IT assets: - A replicating Storage server should be used by the hospital where copying data

should be much more effective and tolerant of faults. To preserve old documents, there ought to be a

data-warehouse system. Any Wi-Fi worker in the hospital and his/her staff should have a login permit

before they can access the online services and separate OTP registration as a visitor needs to be

enforced as Wi-Fi can be quickly abused. To retain the intranet network's high efficiency the intern LAN

should be handled properly and high-speed routers built everywhere. The RFID technology also needs to

be acquired for card scanning when accessing a restricted area that can be tracked online.

Storage Server

Network switches

Databases

Routers

Ethernet cables

High Speed routers

For the entire hospital network and running backups an alternative server is essential for the effective

administrative and technical operations and the execution of scheduled queries.

IMPROVING THE SECURITY OF HOSPITAL’s IT SYSTEM 3

2. Prepare the control spreadsheet which covers

To achieve a secure hospital system a great focus shall be put on the CIA triad. With more emphasis put

on data Integrity, Confidentiality and Availability this is meant to safeguard the medical data from

malicious modifications. (Guhan et al., 2018). The CIA triad provides ensures that the extent approved

users should access information and programs. Protection from unwanted disclosure of corporate

results. Affirm the material was not updated or lost.

IT ASSETS OF THE Regional Destruction, Damage Company Specific Intrusion

HOSPITAL Fire Flood Power Loss Internal External
Intruder Intruder/Hacker
Network switches Disaster Disaster Disaster Extensive user Firewall for data
recovery recovery recovery plan, training about communication in
plan/ plan, not UPS viruses &out of the
Halon fire on or (uninterruptible system,
system & below power source)
sprinklers ground
level
Ethernet Cables Disaster Disaster Disaster Firewall for Firewall for data
recovery recovery recovery plan, data communication in
plan/ plan, not UPS communication &out of the
Halon fire on or (uninterruptible in &out of the system, Extensive
system & below power source) system, user training
sprinklers ground Extensive user about viruses
level training about
viruses

High speed Disaster Disaster Disaster Firewall for Firewall for data
Routers recovery recovery recovery plan, data communication in
plan/ plan, not UPS communication &out of the
Halon fire on or (uninterruptible in &out of the system, Extensive
system & below power source) system, user training
sprinklers ground Extensive user about viruses
level training about
viruses
IMPROVING THE SECURITY OF HOSPITAL’s IT SYSTEM 4

Financial database Disaster Disaster Disaster Extensive user Multi-factor

recovery recovery recovery plan, training about authentication,
plan/ plan, not UPS viruses, Virus Virus checking
Halon fire on or (uninterruptible checking software present
system & below power source) software and updated,
sprinklers ground present and Strong password
level updated, policy, Multi-
Strong factor
password authentication
policy, Multi-
factor
authentication

patient’s database Disaster Disaster Disaster Extensive user Multi-factor

recovery recovery recovery plan, training about authentication,
plan/ plan, not UPS viruses, Virus Virus checking
Halon fire on or (uninterruptible checking software present
system & below power source) software and updated,
sprinklers ground present and Strong password
level updated, policy, Multi-
Strong factor
password authentication
policy, Multi-
factor
authentication

Employee Disaster Disaster Disaster Extensive user Multi-factor

database recovery recovery recovery plan, training about authentication,
plan/ plan, not UPS viruses, Virus Virus checking
Halon fire on or (uninterruptible checking software present
system & below power source) software and updated,
sprinklers ground present and Strong password
level updated, policy, Multi-
Strong factor
password authentication
policy, Multi-
factor
authentication
IMPROVING THE SECURITY OF HOSPITAL’s IT SYSTEM 5

Wi-Fi Access Point Disaster Disaster Disaster Firewall for Firewall for data
recovery recovery recovery plan, data communication in
plan/ plan, not UPS communication &out of the
Halon fire on or (uninterruptible in &out of the system, Strong
system & below power source) system, Strong password policy,
sprinklers ground password
level policy,

Routers Disaster Disaster Disaster Firewall for Firewall for data

recovery recovery recovery plan, data communication in
plan/ plan, not UPS communication &out of the
Halon fire on or (uninterruptible in &out of the system, Strong
system & below power source) system, Strong password policy,
sprinklers ground password
level policy,
IMPROVING THE SECURITY OF HOSPITAL’s IT SYSTEM 6

References

Guhan, S., Arumugham, S., Janakiraman, S., Rengarajan, A., & Rajagopalan, S. (2018, May). A Trio

Approach Satisfying CIA Triad for Medical Image Security. In International Conference on ISMAC

in Computational Vision and Bio-Engineering (pp. 1109-1121). Springer, Cham.