Link to start-page

language - Norwegian language - English printable view small text normal text large text sitemap

You are here: Telemed.no > News archive >  > 

New survey:

Open-source software is just as secure

2009.02.03 by Jan Fredrik Frantzen
The popularity of open-source code and free software is growing, but are they as secure as licence-based software? Yes, conclude security advisers at the NST.
Photo: Jan Fredrik Frantzen, NST.

Security advisers Eva Henriksen and Eva Skipenes addressed this question during the security assessment of a project at the Norwegian Centre for Telemedicine. The project manager wanted to publish the program code on the Internet so that it could be used by other research communities.

But could this give hackers an opportunity to exploit the code to create programs that threaten the security of information in the public health service?

Risk in bad code - and poor routines

"We have not found security-related differences between the use of open-source code and closed, proprietary software," comments Eva Henriksen, who has headed the initiative at the Norwegian Centre for Telemedicine.
   
What does make a difference, she explains, is not whether the source code is open or closed, but whether you have focused on quality and security right from the start of program development.

In other words, it is bad code that represents a security risk, the two advisers have established after researching what has been written on the subject and interviewing 17 IT players in the Norwegian public health service.

Can build in extra security

The great advantage of open-source code is that you do not have to pay for a licence to use the software, and that you can adapt the program to your own needs. Among other things, it is possible to incorporate extra security in the program to adapt it to the stringent requirements of the public health service.

"But this requires expertise and resources in the IT department at the healthcare establishment. It becomes a question of whether you want to spend more money on program licences, or on your own in-house IT resources and support agreements to achieve the functionality and security you want," concludes Eva Skipenes.

"And of course, all systems have the same quality requirements for security updates, antivirus programs, and procedures specifying who can access which parts of the system," she adds.

The project was funded by the Norwegian Centre for Telemedicine, Tromsø Telemedicine Laboratory (TTL), and the Norwegian Ministry of Government Administration and Reform.

Contact person

Eva Henriksen, telephone +47 957 31 836 and email Eva.Henriksen@telemed.no
 

Hospital saved more than 13 million euros

Beaumont Hospital in Dublin, Ireland, saved more than 13 million euros over five years, after they migrated to more extensive use of open-source code, in-house development and support agreements. They also developed software themselves, including their own solution for archival and viewing of digital X-ray imaging.
<<
icon tip a friend E-mail this
Share on Facebook
Add to Twitter
© Norwegian Centre for Integrated Care and Telemedicine | Contact | Editor: Elisabeth Jakobsen | Webmaster: Jarl-Stian Olsen | Content management system by CustomPublish | Webstats