Alerts and Monitoring

I have said this before, but I worked at a IT consulting company this past summer as an intern, which led to me being exposed to a large amount of different technologies. One of them which was fairly annoying was all of the alerts that I received throughout the day. On the surface, alerts are a great idea. They allow the IT workers to instantly now what is going on with their servers, printers, software, and so on that is on the network. However, it becomes a burden when you are being bombarded with them on a daily basis.

We discussed this in class, and it is talked about in the textbook, but alerts are good until they don’t mean anything. I would get about 30 emails a day from various client sites giving me a status report on various hardware and software there. It got to the point where I would mentally just skim past them when looking through my inbox. However, you can not live without them in the IT world, no matter how annoying they are.

Two separate times during my internship, alerts let us know that the entire network crashed at one of our clients, who were a middle market financial firm. We were never able to figure out the root cause of this issue, but we think it had to do with the switches being overloaded. This usually should not be an issue for switches, but the switch was terribly old and the client refused to upgrade. Anyway, a firm like that needs email to operate. If it doesn’t have email, the company might as well not exist. We got the notifications from the server, and within a minute of receiving the alert we received multiple very angry phone calls. It was an easy fix by simply restarting the switches, but alerts allowed us to know about it.

Blockchain

http://www.computerworld.com/article/3191077/security/faq-what-is-blockchain-and-how-can-it-help-business.html

Yeah yeah, Google News, technology section, something caught my eye. What else is new? Here’s blockchain. I never heard about it, so I think there is a half decent chance you haven’t heard about it either. I didn’t know whether I wanted to write about it, so I looked at my handy 2016 Gartner’s Hype Cycle chart. What do you know, there it is right in the middle of the peak of inflated expectations. Perfect, let’s look into this emerging technology and go deeper.

In its most basic terms, block chain can be thought of as a relational database that can be shared among spread out users, and these entries to the database, are logged and cannot be changed. Each entry that is put into the system is encrypted with a cryptographic hash, making it the ideal database. It also means that no database administrator is required for a blockchain, it can simply exist by itself.

The next thought one has is what exactly can this be used for? Auditing firm EY believes blockchain will be great for auditing purposes, as everything entered in the database is unchangeable. This will also see use in EHRs and EMRs, that need to securely hold sensitive patient data. Finally, this technology could help reduce infrastructure costs in banks by 30%, or roughly $10 billion dollars.

The technology is still in its infancy, and some critics argue that the lack of a true admin for the system poses huge security problems. We will have to wait and see how blockchain develops into the future.

Social Engineering

Like many grandchildren today, I am the defacto IT guy for my technology challenged grandparents. It is not their fault for being so inept at even the most basic computer items, as they did not grow up with technology around them. Thanks to this precarious situation, I have many great stories from when I had to assist my grandparents. Today, I will be talking about a time my grandfather fell victim to social engineering. While none of us would fall for such simple tricks, it is incredible how they are so willing to believe anything that pops up on their computer.

My grandfather has a penchant for clicking on who even knows what and ending up on some sketchy websites. Most of the time, this results in nothing more than a call to me, or possibly a quick virus scan to get whatever he stumbled upon off his system. However, there is one time where he managed to download a virus that give him a particularly  realistic looking popup. The popup look official from Microsoft, and said that he needed to input his credit card details to pay for a program to remove the virus from his computer. It also said that he would lose all of his data on the computer if he did not take action. So stupidly, he put in his card information, and then decided to call me about it. I went to his house, only to find that he wast just easily manipulated. Clearly Microsoft would never force someone to buy virus removal software, but he did not know any better. Going through the trouble of cancelling his credit card hopefully taught him a lesson. I have yet to have any other issues with him and giving his credentials to randoms sources just because they ask for it.

This was a quick story, but one that happens more often than you think. These scammers prey on the elderly as they are not as skeptical of technology like my generation is. A cafeteria worker in my high school got a phone call that his son was locked up in South Africa and needed to be wired $5,000 for bail. He did it no questions asked. I don’t think I know a single person my age who would just wire a random person $5,000 without reassuring its legitimacy. These are just a few brief examples as to why social engineering is so successful, even if we might just laugh it off.

EHRs in the Real World

http://www.healthcareitnews.com/news/black-book-cerner-best-ehr-replace-vas-vista

With all of the groups taking on a case study about technology in the medical field, I thought it would be a good idea to look a major news story revolving healthcare IT in the real world.  For those that don’t know, EHR stands for electronic health record, and an EHR is a system used by medical facilities to replace their paper records on patients.  Instead they can store all information digitally, making it easier to access and more secure from the hospitals perspective.  The story going on in the news is that the US Department of Veterans Affairs is currently searching for a new EHR system.  This is a big deal because the VA has over 1,200 sites across the country.

The VA currently uses VistA, a system that is currently 30 years old.  We have talking in multiple IST classes talking about legacy systems, and how detrimental they can end up becoming for large organizations that need to rely on and still support them despite how outdated they are.  This is the exact problem the VA finds themselves in, and are now rushing to find a vendor that will fit their needs.

The VA contracted Black Book, a market research firm, to help determine the best replacement for VistA.  Black Book surveyed 30,000 EHR users and created 24 key performance indicators to help create a shortlist for system vendors.  The final five Black Book arrived on were Cerner, Epic, Allscripts, Meditech, and aetenahealth.  In first place was Cerner, who scored an average score of 9.14 out of 10 in the categories determined by Black Book as well as the 24 KPIs.  Additionally, Cerner swept every category, placing at the top of every one.  In second place was Allscripts with a 8.91, and Epic in third with a 8.17.

I noticed that during the presentation’s so far, Dr. Fusco has always been asking “Why are they doing this?”  In this specific instance, the current system used by the VA is criticized by Congress for its age and its lack of compatibility with the DoD’s EHR.  Dr. Fusco has also asked why a company has chosen a specific solution.  In this case, the VA decided to go with Cerner as they met all of the criteria laid out by the VA.  There is no point in choosing a system, an expensive one at that, unless the system goes above and beyond your requirements for it.