NHS Trusts screw up their wireless connections

The NHS has inaugurated another security blunder.

However, this time it’s not losing USB sticks or laptops containing sensitive information, it’s just not ensuring that its wi-fi is secure.

That’s according to a report by consultancy Orthus, which did a random swipe of 40 trusts. Using just a Toshiba laptop with a wireless card network driver and a freeware wireless audit tool, the company found that 68 percent allowed open internet access, 93 percent of which were available at a distance of 50 metres from the hospital entrance.  

Orthus said the lax attitudes showed that “network administrators clearly have not come to understand the liability associated with allowing internet access to unauthorised users.”

The company added that only 18 percent had an encrypted wireless network, while over half hadn’t bothered to change the manufacturers default access points on the router.

It said that the lose security could lead to serious security risks, such as giving non-NHS staff the ability to hack in and obtain personal patient information.

However, it did stick up for the trusts claiming that the lack or security could be because the hospitals wanted to give patients and the public access to the wireless network.

We think if it doesn’t tighten its wireless belt, there could be some big security casualties.