Bring Your Own Device (BYOD) and the Consumerization of IT Can we realize cost savings with not providing company owned and managed cell phones? Our staff now expects to be able to use their own devices to access: –Email, Calendar and Sharepoint –Demand for EMR –And other applications So, the question is: Will we as an organization support our end users or will we continue to tell them No, we do not support that.?
Salem Health Current Security Policy Regarding Smart Phones and Tablets iPhones and iPads are allowed. –End user must sign hospital policy document. –Must be managed by MS Exchange server. –Local password/PIN on device is required. –Local encryption is required. Blackberries are supported through a Blackberry Enterprise Server (BES). –Salem Health is currently phasing out the practice of providing Blackberries (and all cell phones) to staff. Everything else is not allowed at this time.
Salem Health Current WiFi Environment Coverage, Capacity and Quality (CCQ) Limit number of broadcast SSIDs to minimize WiFi overhead Dense deployment = 60 average spacing between APs with APs deployed at the corners and edges of the floor. (Equates to 1 AP per 2200 to 2500 square feet depending on the shape of the building) Smartphones and tablet radios are typically 10% of an Access Points max power.
What is connected to Salem Health WiFi? ~1000 unique wireless guest users in a 24 hour period. Peak of about 400 during the day. ~700 Voice over WiFi phones. ~50 temperature sensors ~600 CIMs and laptops ~200 smart phones (blackberries and iPhones) ~900 Infusion Pumps ~20 EKG machines Plans WiFi Clocks, RFID tags and an additional 800 VoWiFi phones
Troubleshooting Tools What to do when the vendor blames the network? –Multi Channel Wireless Packet Sniffer –Spectrum Analyzer –Site Survey Tools –VoWiFi Analysis Tools
Salem Health Where we need to be for Information Services to support BYOD
Network Profiling, Network Access Control and Mobile Device Management Accurate Network Device Profiling is Critical! –Identify what and who is connected where Posture Assessment –Patched? Antivirus? User/Role Based Access Control: –Grant Access to permitted resources, restrict access to everything else. Smart Phone and Tablet Management (MDM) –Auto Enrollment for End users –Push WiFi and VPN security settings, Apps –Control password policy and local encryption
Not all 802.11 devices are not the same –Many medical devices advertise 802.11g but only communicate at 1mbps or 2mbps. This will degrade performance for the rest of the devices within range. –Client devices control the roaming behavior –When choosing a VoWiFi vendor, choose a vendor with experience and fully test in your environment prior to rolling out. Do not choose a 1 st generation VoWiFi handset. Ask for references and speak with them regarding their experiences.