Noteboom The Law Firm

VA Checking Its Own Cyber Vulnerability

October 25, 2010 - This summer saw the Department of Veterans Affairs (VA) launching a new cybersecurity program, The Visibility to Desktop Initiation (VDI), to check on its own cybersecurity. The initiative will check if various security tools used on VA computers are being utilized. As far as veterans' electronic health records (EHR), the program will authenticate the security of computers used by:

• VA physicians entering diagnosis';
• Pharmacists filling prescriptions; and
• Billing Clerks noting co-pays.

 The VA system has been attacked numerous times over the last couple of years. Coupled with a need to update their security, the VA changed the visibility of their desktops to provide sufficient security to include veterans' personal information. This program will also sweep VA servers and laptops. To date, it is tracking about 30,000 laptops.

The program gives the VA full visibility so they can identify any threats on their system and properly respond to them. Through the VDI, the VA is able to look at the current condition of all the VA's 333,000 computers from one location to include:  

• Hardware;
• Software;
• Compliance with security protocols;
• Administrative group membership; and
• Patch level.

Over the next year, the VA will expand the use of the VDI program to include smart phones and thumb drives. The program will not fix all the VA's security problems, but it will help protect against breaches from external, non-VA sites, for example.