How to keep Asante’s kiosk computers safe

Asante’s fleet of shared kiosk workstations in clinical work areas are the dashboard of a finely-tuned patient care system. Did you know that ITS carefully builds the kiosks so they are fast, efficient, and meet the unique requirements for their assigned clinical area?

These communal computers withstand the constant tap-in, click, scroll, type and tap-out without complaint; they record our work activity. They also get regular tune-ups and new features. But they aren’t set up for private or “creative” use. They are in busy, shared work areas and may be accessed by hundreds of people.

For example, one or more Asante employees downloaded a browser-based password management program on some kiosks. Perhaps they were not aware that the passwords saved on the browser program were readable by all users of the kiosk due to the shared nature of the profile settings. This personal use compromised the secrecy of their passwords and the security of Asante systems and sensitive data.

Unfortunately, some kiosks are showing symptoms of misuse — or personal use — which jeopardizes the security of our systems and sensitive data. Other unapproved software has been downloaded onto kiosks from the internet, raising the risk that the kiosk becomes “pwnd,” which is computer slang for a computer compromised and “owned” by a cybercriminal.

This is why the ITS security team would like to remind employees that following kiosk care rules will help kiosks stay safe, dependable and ready to help us care for patients:

1. Never feed a kiosk new software. A kiosk should never have a non-standard browser or software unless ITS puts it there. Unauthorized software has caused local and distributed malware infections, repair downtime and productivity loss.
2. Don’t tell a kiosk your personal secrets. Never use a browser password manager program on a kiosk. The passwords can be readable on shared computers.
3. Say goodbye to a kiosk you no longer need to use. Log out of a kiosk immediately when you finish your work!  Any activity that happens on a kiosk left open and unattended will be attributed to the user who left the kiosk without logging out. Patient snooping and computer malfeasance will “hide” under an unattended, logged-in computer. Don’t leave yourself suspect.
4. Don’t ask a kiosk to remember you. Never choose the Asante Duo “Remember me for 16 hours” option if you are using a kiosk. If you do, like No. 3 above, the actions of the next user on that shared computer and application will register as your actions.
5. If a kiosk is sick, tell ITS. Is your kiosk suffering from unapproved software? Is it acting strangely? Call the ITS Service Desk at (541) 789-4141.

Remember, the kiosks are a shared resource. Treat them well and they will run safely and smoothly for many years.