Password Security:           

It is recommended that the local security policy include changes to user name and password logins at the operating system level. Individual login ID's should be created and passwords should be unique and protected. Implementing such a policy now will facilitate the use of extensive operating system level auditing software in the near future (see Auditing below).  TDS will provide documentation and instructions on how to do this in the near future.

Idleout:

This will be added to future revisions of the Rx30 Pharmacy software product line. It will be a configurable value and will be entirely optional. It may be implemented or not depending on the nature of store operations.  You may also want to consider using the User On/Off option (Main Menu/Fills Menu/Option 8) whenever the technician or pharmacist walks away from a workstation. This will force the next person to login with their initials and password.

Network Security:

We are disabling remote access into systems using the TELNET protocol. Future use of the telnet protocol will be suspended and only the use of SSH (or Secure Shell) will be allowed for remote access.  Access will be limited to authorized hosts and IP addresses ONLY.  TDS already uses an advanced IP based filtering system to allow only authorized access to systems and to disallow any other access. Access from remote locations will require a software program that uses SSH as its connection method.  TDS will also adhere to using SSH when logging in for troubleshooting purposes.  Some of the more recently purchased versions of terminal emulation programs, such as POWERTERM, already include an option for SSH built in.  If your software does not have SSH available, TDS recommends the latest version of POWERTERM (produced by Ericom Software Inc.) as the program to purchase. This software package is available from TDS.

Other programs, such as Putty and Anzio Lite, can be used but TDS does not support the installation or operation of these programs.

Auditing:

In the near future TDS will be implementing newer Linux kernel architecture. This new release will provide support for Operating System level auditing to track user activity. This will require the use of individual user name and password authentication in order to be useful. (See above).

Virus Protection and Firewalls:

If Rx30 resides on a Linux based system, there is a much smaller chance that you could be the victim of data loss or system downtime due to a virus.  Microsoft Windows based systems are much more receptive to a virus.  Rx30 stores will want to strongly consider adding a firewall if they are accessing the Internet from Rx30 equipment. If you are interested, contact a networking company in your area.  TDS does not support the installation or operation of firewalls, but we will be glad to assist in any way we can.

In the Microsoft Windows environment, an appropriate virus protection package should be installed and the software should be kept as up to date as possible. TDS does not endorse one particular virus protection program over another. TDS is currently testing different anti-virus software packages in-house to be able to make a clear and concise recommendation in the future.

The only software package that TDS has had some issues with, in respect to RX30, is the Norton Anti-Virus software.  Therefore, TDS does not recommend installing it.

Encryption:

TDS is in the process of investigating updating our existing strong encryption to the even stronger government recommended standard of 128-bit DES encryption for the Lifeline system. While this standard is being implemented we assure you that our current encryption conforms to the requirements.