Use your computer fearlessly.




[ Security | Consulting | Research ]





Penetration Testing Outlawed

by Brent Kirkpatrick

(Date Published: .)



HIPAA Outlaws Penetration Testing



Healthcare privacy laws prohibit the computer security industry from penetration testing. The whole industry is rightly stifled by its favorite method of assessing the ineffectiveness of security measures.

Why? Because security people cannot be given permission to access confidential files on patients. Since penetration (pen) testing is the tool of choice by most security experts, the healthcare sector's security is neglected.

Healthcare, governed by Health Insurance Portability and Accountability Act (HIPAA) privacy laws, must use other methods to assess computer security flaws. For example, Intrepid Net Computing's ButtressIT audit method that uses artificial intelligence and public network data.

Most experts in computer security for healthcare use checklists of security measures. This is insufficient and leaves holes such as cracked encryption keys. Intrepid Net Computing uses a statistical audit method that assess specific types of attacks. These attacks include:

  • encryption cracking,
  • DNS poisoning,
  • DoS attacks,
  • watering hole attacks,
  • worms,
  • Trojans,
  • etc.










bbkirk@intrepidnetcomputing.com




© 2015, 2016, 2017, 2018 Intrepid Net Computing. All rights reserved.