RE: SUS server

From: Evan Mann (emannpinnaclefinancial.com)
Date: Tue Apr 08 2003 - 10:02:02 CDT


I've read the 21 CFR Part 11 spec and nowhere in the documents I've read
does it make indications as to what controls you need on your systems in
terms of updates to your OS and OS related files. 21CFR Part 11 is all
about document control and/or electronic signatures on resources related to
your medical business, not what can or cannot be done to the operating
system itself.

Granted, I've not read the MS Licensing on 2K SP3 and XP SP1, but unless it
states that MS has unrestricted access to your actual files on your system,
then it shouldn't be an issue with 21 CFR Part 11.

-----Original Message-----
From: Thane Walkup [mailto:twalkupquorumreview.com]
Sent: Tuesday, April 08, 2003 10:41 AM
To: focus-mssecurityfocus.com
Subject: RE: SUS server

Note that this still won't resolve the issue with 2k SP3 and XP SP1 - the
language of the license seems to give Microsoft unfettered access to update
your machines at will, not just via SUS. I'm not claiming that Microsoft
has a backdoor into XP or 2000, just saying that the language of the license
lets them do that.

Thanks,
Thane

-----Original Message-----
From: Brian W. Spolarich [mailto:bspolarichnephrostherapeutics.com]
Sent: Monday, April 07, 2003 11:31 AM
To: Thane Walkup; focus-mssecurityfocus.com
Subject: RE: SUS server

Thane Walkup wrote:
> One VERY good reason not to run SP3 is possible HIPAA and 21CFR11
> regulation issues - since the license for SP3 technically gives
> Microsoft unfettered access to your PC, any company under those
> regulations could be in violation of those regulations.
>
> This affects just about any medical facility.

  One can configure the SUS client to point at an internal SUS server via
Active Directory GPOs. I suspect that if you point it at a non-functional
URL the auto-update component will essentially be disabled, and it may be
possible to disable it completely via GPO (haven't looked).

  -bws

<b>
----------------------------------------------------------------------
Block Spam, Smut & Viruses
SurfControl E-mail Filter for SMTP & Exchange leverages multiple layers of
technology including filtering embedded and attached file content. Rid your
enterprise of unwanted content.
http://www.securityfocus.com/SurfControl-focus-ms2
Download your free fully functional trial, complete with 30-days of free
technical support.
----------------------------------------------------------------------
</b>