*HIPAA On 2019-06-22 12:40, Bill Johnson wrote: > Up to 10k per HIPPA violation. > > > Sent from Yahoo Mail for iPhone > > > On Saturday, June 22, 2019, 11:59 AM, Donald Blake <dhbl...@gmail.com> wrote: > > If a company can't afford to do computing correctly, and that includes > doing it securely, they shouldn't have computers in house in the first > place. Particularly medical related companies such as hospitals. That's a > HIPPA violation waiting to happen. Which in the US, carries potentially > severe consequences. > > Date: Fri, 21 Jun 2019 13:33:39 +0300 > From: ITschak Mugzach <imugz...@gmail.com> > Subject: Re: mainframe hacking "success stories"? > > Radoslav, > > Many clients I visited allows local admin authority on windows workstation > to the machine user for ease of management. However, we get clients monthly > reports on success and failures from some clients of us. Most of them > respond well to attacks and block them, so even their workstations are > protected. > > I believe it is a question of budget. Banks can afford protection that > hospitals can't (and bankers can afford better medical treatment than > others...). If you look at the names of clients that were hit by such > attach, it is almost always a client that can't afford a complete security > systems. > > On the mainframe, only few datasets are owned by en users, most of them are > not significant to the user (ISPF temporary datasets, some "on work" job or > source code libraries that most of them are on the change management store, > etc.). How many DB2 data tables can be updated by human clients directly? > Near if not zero. So,from the attacker point of view, no much to > encrypt,unless he get a service account. This is more complex to perform. > > and as I always say, security cost you a lot, but if it works, managers > doesn't see the value of it. > > ITschak > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > . >
---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
