Attach a huge computer-based file to an e-mail, whisk it away, and within a minute or two it's at the destination. The option is nearly indispensable to how managers, clinicians and researchers work. The same is true for virus writers.
To ward off the threat of harmful payloads mingling innocuously in the heavy traffic of daily operations, some teaching hospitals are setting up a safe haven outside the main communication network for well-protected exchanges of images, documents and other essential files traded among healthcare professionals.
At Albany (N.Y.) Medical Center, experts established such a haven two years ago to provide academicians a means to send and receive images and other complex electronic data, says Dennis DeLisle, vice president of information technology. A special server for transferring files operates in a buffer area between the medical center's private network and the public Web. That virtual area is known as the "DMZ," a reference to the demilitarized zones between North and South Vietnam during the Vietnam War and at the 38th parallel separating North and South Korea, DeLisle says.
When an authorized user sends a loaded e-mail to the DMZ, the server automatically sends an e-mail to the recipient with a random user code and password and a time limit of three days to use them. After the intended party downloads the contents, or if the message is not opened within the three-day period, the e-mail is automatically deleted, DeLisle says.
The solution is inexpensive and takes about a week to set up, he says. At Albany, it allowed security pros to install a process that strips suspicious attachments at the doorstep of the main network without getting in the way of legitimate information swapping.
For example, DeLisle says, a medical resident recently sent 1,000 slides on microbial cell progression through the DMZ route to Germany as part of a research and diagnostic collaboration.