Hospitals Back Off Cisco LEAP Security for WLANs

摘要

For some health care IT managers, the vulnerability of Cisco Systems Inc.'s wireless LAN authentication protocol to attacks aimed at discovering passwords is reinforcing the importance of developing multilayered approaches to securing their networks. Several users last week said they have already adopted or plan to install a mix of WLAN authentication and encryption protocols in order to ensure that their companies comply with the data privacy requirements of the federal Health Insurance Portability and Accountability Act. Chris Lenaghen, a network engineer at St. Alphonsus Regional Medical Center in Boise, Idaho, said he views Cisco's Lightweight Extensible Authentication Protocol (LEAP) as "a temporary solution" until the hospital can install an updated version of Novell Inc.'s Extend Director software.