DoH tells NHS to dump IE6
Get with the times, grandad
What you need to know about cloud backup
The Department of Health has told trusts using Windows 2000 or XP to move to version 7 of Microsoft's browser.
In a technology bulletin published by the department's informatics directorate on 29 January 2010, it advised NHS trusts using Microsoft Internet Explorer 6 on either Windows 2000 or Windows XP to move to version 7 of the browser.
"We've advised NHS trusts to upgrade to IE7 as early as possible," said a spokesperson. The guidance said that IE7 works with the department's Spine applications, and provides additional security.
The notice also recommended that organisations that continue to use IE6 should apply a security update patch from Microsoft to all affected computers, or if this is not possible apply mitigation methods suggested by the vendor.
Microsoft reported a significant security problem with IE6 on 14 January which could compromise a computer's operating system, although the browser was already known to be less secure than newer versions. The new vulnerability could act as an entry point for hackers to a network, allowing sensitive information to be stolen, according to the DoH bulletin.
IE6 is widely used within the UK's public sector. In July last year, several government departments said they continued to use IE6, including the MoD's Defence Information Infrastructure programme to provide secure computing services for 300,000 users.
The Cabinet Office has already issued a advisory notice to central government departments on how to deal with IE6. However, the governments of France and Germany have gone much further, advising that their citizens stop using any version of Internet Explorer.
In a parliamentary written answer to Lord Avebury on 28 January on whether the public sector should stop using Internet Explorer, Home Office minister Lord West said that there was no evidence that a fully patched version of its latest edition (IE8) is any less secure than other browsers.
"A government Internet Explorer user, operating on government systems, such as the GSi (Government Secure Intranet), will benefit from additional security measures, unlikely to be available to the average home computer user," he said. "These include tools which actively monitor for evidence of any malicious attacks and provide a layered approach to internet security."
This article was originally published at Kable.
Kable's GC weekly is a free email newsletter covering the latest news and analysis of public sector technology. To register click here.
COMMENTS
The DOH informatics directorate is a ****ing waste of time
rant/
They are the department that tested their latest and greatest flu line database (1 of 4 failed attempts) against the popular brownser Firefox 1.5 and 2.0 (but not 3.x), the same database that the people who designed and built it when show casing it said. "We don't think this version will do what you want, so we are looking at version 2 for that"
They are the same people that don't understand replication or live updates in SQL, so every day at 2pm one DB had to shut down to update another. Meaning every day, the entire flu pandemic response from the NHS had to have updated it's records by 2pm.
They are the same people that mean we have to run legacy systems, that require IE6 because the antiquated bag of rubbish they bought at vast expense ten years ago hasn't been replaced and we are forced to use. Yet we have to pay vast support and upgrade costs to keep it. It's not the spine thats the problem, its the contracts GP's that we now fund at great expense, their systems are whatever they want, because we have no say, yet we are meant to link up and support them.
They are the same people that think locking a spreadsheet but manually drawing 65000 lines on it is the norm', so when printed you get 318 pages of black lines. After complaining they shortened it to 10000 lines and onlu 88 pages or printing.
These are the same people that send out documentation in 2007 formats, but no-one uses 2007 because it conflicts with legacy systems.
These are the people that designed a phone line for information about the flu, 3 minutes and 50 seconds in, before you get the option of a none english speaking version. Which conflicts with their own guidelines and reaching out to the public, only to then ram down our throats that we should be doing it.
These are the same people that gave us a database for recording stock of tamiflu, that requires the internet and when we told them, that our volunteer chemists don't have internet, the DOH told us that they were therfore not allowed to volunteer. Requiring us to waste £50000 of NHS's taxpayers money to provide a service, Tesco and ASDA were doing for free.
These are the same IT people that gave me 41 minutes to train 44 staff in the use of a database before it went live, recording and checking the issuance of what is a life threatening drug with face to face interaction with the public.
They can shove their 'views' where it stings.
/rant
Guess where I work and what department I am in.
The Dead Hand of IT Out-sourcing
It isn't just the NHS that is locked into obsoletesoftware by past descisions.
These large organisations have the clout to require the support and changes that ensures software runs with the current version of IE--can you even get a legal copy of IE6 for a new computer--but they clearly can't find people who combine field-specific knowledge to manage IT with the status to make these decisions.
But I bet they all have MBAs and say it pays better to out-source.
IE7?
WTF? IE7 is stil non-standards complaint SHITE! It's still out of date. It's still riddles with holes. It's still not a browser any professional organisation should be using!
IE8 is *THE ONLY* choice.
It would be nice if they could use FF (or Opera, or...) but as I understand it (primarily due to the lack of any real central software management in Windows) it is incredibly difficult to centrally manage these, push updates, block extensions etc.
The other reason the NHS is stuck with IE is because all the other browser are standards compliant and won't work with the proprietary bull-crap that is infesting the NHS.
So if (for example) Mozilla ever get their act together and provide some way to centrally manage their software, and NHS IT managers get a clue about IT and insist of standard-only web systems; then the NHS can begin to free itself from the burden of IE.
The NHS could, of course, save millions by just ditching MS where possible and moving to more open platforms. Yes there will be training costs, but I think the massive savings in licensing costs, more up time, less demand for new hardware and greater efficiency would more than cover those costs.
The NHS could also move away from large, monolithic contracts (where appropriate) that are surely doomed to fail and go for small, light and more practical solutions. I would put "OpenMolar" forward as a small example of what can be done within the NHS with nothing more than a bit of thought. No need to pay Crap Co. millions.
Of course, this would stop the bung and junket gravy train for senior manager, civil servants and MPs; so it probably will never happen. Instead they will just keep spunky more and more of our tax money at (non-medical) consultants wil the nation gets sicker and sicker.
IT infrastructure monitoring strategies
What you need to know about cloud backup
Enabling efficient data center monitoring
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
