Secure Messaging Strategies - PowerPoint PPT Presentation

Provided by: benlit

Transcript and Presenter's Notes


1
Secure Messaging Strategies
  • Ben Littauer, Technology Consultant

2
Overview
  • Context: Securing E-Mail in Healthcare
  • Possible Strategies
  • One Size Doesn't Fit All
  • Digging Deeper into S/MIME
  • MHDC Phase 1
  • MHDC Phase 2

3
Context
  • Working with CareGroup and the Massachusetts
    Health Data Consortium
  • Problems
  • Secure Patient/Physician Messaging
  • Secure Business to Business E-Mail
  • Environment
  • HIPAA
  • No

4
Possible Strategies
  • Web-based messaging
  • Desktop-encrypted e-mail
  • S/MIME
  • PGP
  • Server-encrypted e-mail
  • SSL
  • SMG
  • DomSec
  • VPN

5
One Size Doesn't Fit All
  • B2B requirements very different from B2C
  • Web-based great for asymmetric B2C
  • Diverse clients from library kiosk to power user
  • Captive audience
  • Potential for value-add
  • CareGroup PatientSite
  • Web-based lousy for B2B
  • Existing streams of ordinary e-mail
  • Symmetry implies hosting issue
  • User decision involved in security

6
MHDC Secure Messaging
  • Phase 1
  • Desktop encryption with S/MIME
  • Free certs and training from Cybertrust/Baltimore
  • Existing clients support S/MIME (not true for
    PGP)
  • 20-50 Users in 4 organizations

7
Phase 1 Lessons Learned
  • Technology not there yet
  • Private keys not protected on clients
  • Trusted Root problem
  • Certificate revocation
  • No centralized admin/management
  • Directory integration lacking

8
Phase 1 Lessons Learned
  • Technology not there yet
  • If it were there, it still would be very
    expensive
  • RA training
  • 1 user 1 or 2 certs to manage
  • User training
  • Inter-organizational directories

9
Phase 1 Lessons Learned
  • Technology not there yet
  • If it were there, it still would be very
    expensive
  • If you could afford it, you wouldn't want to
  • No virus checking
  • No content checking
  • Loss of data to organization

10
Phase 1 Lessons Learned
  • Technology not there yet
  • If it were there, it still would be very
    expensive
  • If you could afford it, you wouldn't want to
  • Gotta be a better way!

11
Phase 2: S/MIME Gateways
  • GOALS
  • Vendor- and platform-neutral, standards-based and
    transparent to users
  • Encryption at organization border
  • Signatures not required, problematic
  • Several vendors in market
  • Lack of interoperability standards
  • Critical need: standardize approach

12
Phase 2 Lessons Learned
  • SMG Advantages
  • No Specific CA Required
  • User Transparency: No User Training
  • ANY client supported
  • No User Authentication
  • Content Filtering, Virus Checking Supported
  • Does Not Do
  • User Authentication
  • Domain Authentication

13
Phase 2 Lessons Learned
  • Why not SSL?
  • E-Mail relays
  • Lack of broad support
  • Why not VPNs?
  • E-Mail relays
  • Expensive, overkill

14
Phase 2 Lessons Learned
  • What about DomSec?
  • More powerful than required
  • More effort than possible
  • New and untested
  • Semantics of signatures
  • SMG and IETF
  • To be re-cast as DomSec profile

15
Phase 2 Status
  • Demo April 2001 HealthKey Conference
  • Pilot completed between Commonwealth of
    Massachusetts, Tufts and CareGroup
  • Lessons Learned
  • Close, but more specificity needed in SMG doc
  • Products decayed after HealthKey demo
  • Small market, high vendor turnover
  • New vendors want to play
  • CIOs are from Missouri

16
Current Effort
  • 8 vendors signed up to develop next SMG draft
  • MHDC coordinating development of RFP template
  • Need to figure out testing and certification:
    Open Group?

17
Vendors
  • Brute Squad Labs
  • Clearswift (Content Technologies)
  • MailQube
  • NetIQ/Mail Marshal
  • Sigaba
  • Syntegra
  • Tovaris
  • ZipLip

18
Contact Information
  • Ben Littauer, Technology Consultant
  • littauer_at_blkk.com
  • http://www.blkk.com