Académique Documents
Professionnel Documents
Culture Documents
Introduction
Malicious software (or malware) is software that can get on a computer and cause damage to the computer or the data on it. Malware can include computer viruses, worms, Trojan horses (Trojans), spyware, and rootkits.
Policy
Elekta software runs on Microsoft Windows or GNU/Linux operating systems. Elekta recommends that you do not install anti-malware software on computers in the treatment delivery suite (TDS) 1. The design of the software on the computers in the TDS includes some protection from malware contamination. Elekta recommend that you examine the computers in the TDS out of clinical hours from a computer on the same network. If you find malware on a computer in the TDS, isolate the computer and install the operating system and software again. The installation of anti-malware software on computers that are not in the TDS is recommended. The Elekta anti-malware policy gives information about malware contamination from network connection or storage devices and media. The policy also includes information about the problems that can occur when you use anti-malware software. Included in this Newsletter there are two tables that give a list of Elekta software, with its applicable level of protection and policy on operating system upgrades.
Network connection
In some installations, Elekta software connects to the same networks as other computers that connect to the Internet. This network connection increases the risk of contamination from malware. Elekta recommends that you use a VLAN, with no other connected computers, for computers in the TDS. We can then keep the applicable ports for some interfaces open, for example, DICOM from a treatment planning system. The largest risk to Elekta software comes from other computers on the same network that you use to read email or go to websites that can cause malware contamination on these computers, and subsequently, other connected computers. Elekta therefore recommends that you: Do not use e-mail or Internet software on the computers in the TDS Do not connect portable computers to the network Where applicable, run Elekta software from a user account that does not have administrator user rights.
The risk of malware contamination decreases when the malware tries to run on an account that does not have administrator user rights. If the malware runs on a user account without administrator user rights, the malware cannot change system files and settings. The design of Elekta software is such, that it is not necessary to use administrator user rights for the usual operation of the software.
1. A treatment delivery suite (TDS) contains all computers connected to a Digital Accelerator, for example, Desktop Pro, iViewGT, XVI, MOSAIQ SEQUENCER.
Page 2
Usually, Internet Explorer and Outlook Express are a standard part of Microsoft Windows. But on most computers in the TDS, we use an installation CD with Internet Explorer and Outlook Express removed. Where applicable, Elekta does use the security functions in the operating system, for example, the Windows Firewall.
Note: The warranty on computers in the TDS states that you must not make changes to the configuration, without the correct authority of the manufacturer 2. Elekta will not be responsible for any unauthorized changes in configuration or their effect on patient safety. 2. FDA, Guidance for Industry, Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software, January 14, 2005
Scheduled backup failures During backup, it is possible that the anti-malware software incorrectly finds files with dangerous data. The software changes or moves these files, which can cause a failure in the backup of the files, or a failure of the scheduled backup. Blocked network ports The firewall functions in the anti-malware software can make it necessary for the system administrator to open some ports for communication from other systems. This can prevent or decrease communication between the computers in the TDS or other Elekta systems (or systems from other manufacturers) on the network. And some functions, such as DICOM, backup and restore, and IntelliMax will not operate correctly.
iGUIDE iView & iViewGT XVI MOSAIQ SEQUENCER and SYNERGISTIQ MOSAIQ Server
Page 4
Level of protection Anti-malware scans are permitted (out of clinical hours) from a computer on the same network Operating system upgrades not recommended (until non-clinical tests of the upgraded system in a test environment are completed)
Note: For more information about Elekta CMS Software and IMPAC Software products, refer to the applicable section below.
PROCEDURE
To find the Anti-Malware Policy on the Internet: 1. 2. 3. Go to http://www.elekta.com. Type Anti-malware policy in the search box. Click the link Anti-malware Policy for Elekta Software.
Page 5
www.elekta.com
Corporate Head Office: Elekta AB (publ) Box 7593, SE-103 93 Stockholm, Sweden Tel +46 8 587 254 00 Fax +46 8 587 255 00 info@elekta.com Regional Sales, Marketing and Service: North America Atlanta, USA Tel +1 770 300 9725 Fax +1 770 448 6338 info.america@elekta.com Europe, Latin America, Africa, Middle East & India Tel +44 1293 544 422 Fax +44 1293 654 321 info.europe@elekta.com
RT Crawley 462 2010 Elekta. All mentioned trademarks and registered trademarks are the property of the Elekta Group. All rights reserved. No part of this document may be reproduced in any form without written permission from the copyright holder. Specifications subject to change without notice.