Security immunization using basic countermeasures

Document Type

Conference Proceeding


Faculty of Computing, Health and Science


School of Computer and Information Science / Centre for Security Research




Williams, P. (2006). Security immunization using basic countermeasures. Proceedings of the 2006 International Conference on Security and Management (pp.426-432) Las Vegas, Nevada, USA. Conference website available here.


The increased use of computing has significantly raised the profile of information security within the clinical environment. Medical information security is concerned with protecting the assets of a medical practice. These assets include hardware, software and intellectual property. To, date, computer and information security in this environment has been poorly applied. Whilst the tenets of confidentiality and privacy are paramount in the practise of medicine, they are inadequately protected in the evolving electronic environment. Protection stems from an acknowledgment that risks exist the identification of the assets to be protected, and the application of security countermeasures to manage the risks. In this field, many guidelines have been developed, however most are not easily applied, by physicians and nontechnical staff charged with the responsibility of securing their medical systems. However, there are basic countermeasures can be applied with minimal technical knowledge of information security.