Thread: [GENERAL] Securing Information

[GENERAL] Securing Information

From: Chris Weekes

Hello Sir or Madam:

I wanted to install PostgreSQL v 9.6 on a machine that may
stand alone and or be part of a network sharing hospital
data.

I was wondering what steps if any need to be taken to ensure
that the patient and operational data is secure on a machine
and or across the network.

Thank you,
Chris

Re: [GENERAL] Securing Information

From: Rich Shepard

On Tue, 27 Dec 2016, Chris Weekes wrote:

> I was wondering what steps if any need to be taken to ensure that the
> patient and operational data is secure on a machine and or across the
> network.

Chris,

   I'm far from an expert but until more knowledgeable folks respond I'll
offer a couple of quick suggestions. First, in your postgres data/ directory
modify pg_hba.conf. Specifying hostssl and an appropriate authentication method
will help. Second, partition your users into postgres roles specifying what
each role can access and do.

   The postgresql-9.6-US.pdf manual has all the details.

HTH,

Rich


Re: [GENERAL] Securing Information

From: Melvin Davidson

On Wed, Dec 28, 2016 at 11:49 AM, Rich Shepard <rshepard@appl-ecosys.com> wrote:
> On Tue, 27 Dec 2016, Chris Weekes wrote:
>
> > I was wondering what steps if any need to be taken to ensure that the
> > patient and operational data is secure on a machine and or across the
> > network.
>
> Chris,
>
>   I'm far from an expert but until more knowledgeable folks respond I'll
> offer a couple of quick suggestions. First, in your postgres data/ directory
> modify pg_hba.conf. Specifying hostssl and an appropriate authentication method
> will help. Second, partition your users into postgres roles specifying what
> each role can access and do.
>
>   The postgresql-9.6-US.pdf manual has all the details.
>
> HTH,
>
> Rich

Another thing to consider is DO NOT create your tables in the public schema.
Instead, create a separate schema, then only grant access to that schema and tables
to users that are authorized to access them.

--
Melvin Davidson
I reserve the right to fantasize.  Whether or not you
wish to share my fantasy is entirely up to you.
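
The two suggestions above (partitioning users into roles, and keeping tables out of the public schema) can be combined as follows. This is an added example, not code from any poster in the thread; the database `hospital`, the schema `clinical`, the table and all role names are hypothetical, and it assumes a superuser session in that database on PostgreSQL 9.6.

```sql
-- Added example; every name below is hypothetical.
-- Matching pg_hba.conf line (constructed; 192.0.2.0/24 is a placeholder network):
--   hostssl  hospital  +clinical_read,+clinical_write  192.0.2.0/24  md5

BEGIN;

-- Close the defaults: PUBLIC may otherwise connect to the database
-- and create objects in schema public.
REVOKE ALL ON DATABASE hospital FROM PUBLIC;
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- Group roles carry the privileges and cannot log in themselves.
CREATE ROLE clinical_owner NOLOGIN;
CREATE ROLE clinical_read  NOLOGIN;
CREATE ROLE clinical_write NOLOGIN;

-- Dedicated schema, owned by a non-login role.
CREATE SCHEMA clinical AUTHORIZATION clinical_owner;

GRANT CONNECT ON DATABASE hospital TO clinical_read, clinical_write;
GRANT USAGE ON SCHEMA clinical TO clinical_read, clinical_write;

-- Tables the owner creates later pick up these grants automatically.
ALTER DEFAULT PRIVILEGES FOR ROLE clinical_owner IN SCHEMA clinical
    GRANT SELECT ON TABLES TO clinical_read;
ALTER DEFAULT PRIVILEGES FOR ROLE clinical_owner IN SCHEMA clinical
    GRANT SELECT, INSERT, UPDATE ON TABLES TO clinical_write;

SET ROLE clinical_owner;
CREATE TABLE clinical.patient (
    patient_id integer PRIMARY KEY,
    full_name  text NOT NULL
);
RESET ROLE;

-- Login roles get access only through group membership.
CREATE ROLE nurse_amy  LOGIN IN ROLE clinical_write;
CREATE ROLE report_bot LOGIN IN ROLE clinical_read;
CREATE ROLE outsider   LOGIN;   -- no membership: should see nothing

COMMIT;

-- Check the effective privileges of each login role.
SELECT r AS login_role,
       has_schema_privilege(r, 'clinical', 'USAGE')          AS schema_usage,
       has_table_privilege(r, 'clinical.patient', 'SELECT')  AS can_select,
       has_table_privilege(r, 'clinical.patient', 'INSERT')  AS can_insert
FROM unnest(ARRAY['nurse_amy', 'report_bot', 'outsider']::name[]) AS r;
```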

Re: [GENERAL] Securing Information

From: Adrian Klaver

On 12/27/2016 11:59 AM, Chris Weekes wrote:
> Hello Sir or Madam:
>
> I wanted to install PostgreSQL v 9.6 on a machine that may
> stand alone and or be part of a network sharing hospital
> data.
>
> I was wondering what steps if any need to be taken to ensure
> that the patient and operational data is secure on a machine
> and or across the network.

That is a large question that depends to a great deal on what the rules
say for whatever legal jurisdictions you are working in. Assuming you do
not like spending time in court.

>
> Thank you,
> Chris


--
Adrian Klaver
adrian.klaver@aklaver.com


Re: [GENERAL] Securing Information

From: jesusthefrog

If you're storing HIPAA data and/or PII then just make sure it's encrypted at rest. We just did this at my workplace by using full disk encryption on the disk which stores the DB files.
That may not be the best solution, but it appears to work well enough.

--
-----BEGIN GEEK CODE BLOCK-----
  Version: 3.12
  GIT d- s+ a- C++++ L+++ S++ B+ P++>++++ E++ W+++
  N o? K- !w++++ O- M- V? PS++ PE- Y+ PGP t+ 5+++
  X R+ tv b+++ DI++ D++ G+ e-- h- r++ y
------END GEEK CODE BLOCK------

Re: [GENERAL] Securing Information

From: John R Pierce

On 12/28/2016 4:16 PM, jesusthefrog wrote:

> If you're storing HIPAA data and/or PII then just make sure it's encrypted at rest. We just did this at my workplace by using full disk encryption on the disk which stores the DB files.
> That may not be the best solution, but it appears to work well enough.


data really should be encrypted at the end point it originates and only decrypted at the end point where it's used. yes, this presents all sorts of annoying issues for everything in between, but anything less is false security.

the problem with full disk encryption, as long as the volume is mounted, the data is visible as the encryption keys are loaded at boot or mount time. the only threat model FDE protects against is physical theft of the server.



-- 
john r pierce, recycling bits in santa cruz

Re: [GENERAL] Securing Information

From: jesusthefrog

True. In our environment we have other layers to deal with network security which covers us for encryption of data as it's transmitted, and you definitely should do that, but that's not something a DBA would normally be concerned with.
And given that he said that the machine may be standalone, I would suspect that there would be a person at a directly (or nearly-directly) connected terminal, possibly via a web app. If you're going to, for example, email the data to someone, then it also has to be encrypted at that time, but that would need to be re-encrypted with a method the receiver would be able to decrypt anyway.

In any case I recommend reading the consolidated HIPAA Privacy Act regulations (https://www.hhs.gov/sites/default/files/ocr/privacy/hipaa/administrative/combined/hipaa-simplification-201303.pdf).

I'm not entirely sure of the applicability of the Privacy Act of 1974 to non-government-affiliated computers/networks, but it can't hurt to read through that regulation for guidance as well. (https://gsa.gov/portal/mediaId/252231/fileName/CIO_P_21001I__CHGE_1_GSA_Information_Technology_%28IT%29_Security_Policy__%28Signed_on_10-20-2015%29.action page 35).
