As healthcare facilities begin to make better use of electronic patient records, the networks used to access those databases will be required to have security protocols to prevent unauthorized access. Wireless networks are increasingly being deployed, and they present their own challenges.  Unlike wireless local area networks (WLANs) of the previous millennium, today’s WLANs can be equally as secure as wired networks. This is in large part due to advances in security standards such as 802.11i and advanced encryption standard solutions, according to Mark Tauschek, a senior research analyst at Info-Tech Research Group based in London ON.  Big strides have been made in the last five years, so solutions that come out of the box don’t need any add-ons to guarantee a secure network. Legacy systems still present challenges to security, but it is achievable. Proper authentication and encryption are the key elements of a solid defence against intrusions. "Any enterprise-grade wireless solution that you purchase today has the ability to be secure," said Tauschek. But he cautions older wireless LANs relying on wired equivalent privacy (WEP) protection are largely insecure. "Anyone who is still running on WEP is not secure. The key is proper implementation with today’s solutions. There are a lot of layers that you can place on top of security," he said.  Indeed, Tauschek stressed that proper implementation of 802.11i or Wi-Fi protected access 2 (WPA2), as well as the use of additional security features such as wireless intrusion detection and prevention systems (WIDS/WIPS), will effectively guard against internal and external threats such as a hacker breaking into the network and other security breaches, explained Tauschek.  Part of the problem around making sure a network is secure and threats from outside or inside the organization are minimized revolves around employee conduct and technology misunderstanding. "It could be something as simple as an employee plugging into an access point to have wireless connectivity in the office and, not understanding security opens up the whole network ," Tauschek said.  But newer systems come equipped with prevention systems built-in, he added. "A lot of the systems that you purchase today have basic functionality that detect rogue access points that don’t belong in their air space. A lot of the more sophisticated full-featured intrusion detection systems can block access points through the wired network and over the air. They can do things like block man-in-the-middle attacks. Overall, data that are part of a healthcare network need to be on the high-end of security," Tauschek explained.  The choice of vendor is frequently determined by a healthcare facility’s previous experience, with many opting to choose brands and manufacturers with which they have familiarity. Buying an industry standard from a company such as Cisco Systems Inc. is a reasonable choice, but smaller players in the market such as Aruba Networks or Trapeze Networks offer strong security and usability, respectively, noted Tauschek.