It’s pretty difficult to visit a news site – or turn on a news channel if you prefer TV – without seeing yet another retail store has had its data compromised.
Even the U.S. government’s employees aren’t safe, with hackers recently gaining access to the personal information of some 21.5 million workers. While these industries have made huge efforts to curb risk, there is still one that has some catching up to do, leaving it among the most vulnerable: healthcare. Just to give you some perspective, according to a Bitglass report published last year in SC Magazine, compared to other industries, healthcare accounts for 44 percent of all data breaches.
It’s clear that more needs to be done to keep health-related information safe. But the real question is, what more cancompanies do?
In this blog post, we’ll talk about the benefits to having a Virtual Desktop Infrastructure (VDI); VMware’s Horizon Suite, a solution uniquely suited to address data breach issues; and, how we at Rolta AdvizeX can help.
Sensitivity Overload
Sometimes it might feel like we’ve become a bit de-sensitized to data theft news. But unlike credit cards, there’s no liability limit on personal information hackers get from healthcare companies. This includes social security numbers, birthdates, names, addresses, and, most importantly, personal health information (PHI).
There are many ways that data can be compromised, we traditionally think about hackers compromising perimeter defenses to gain access to sensitive data but in addition to hackers, information is compromised when people misplace or have their devices stolen– laptops, cell phones, tablets.
Solving the Problem
One of the best ways healthcare companies can protect their data is by implementing VMware’s Horizon solution. Whereas VDI might have been rather cumbersome and cost prohibitive in the past, todays flash technology has become more sophisticated – and significantly less expensive – enabling more companies to take advantage of its benefits.
VDI is a fundamentally more secure approach to end user computing for several reasons. VMware’s protocol for sending data from the virtual desktop to the endpoint device is call PCoIP. This protocol sends bitmaps of the desktop over the wire to the device, so no data is ever stored there. As a result, if someone does compromise your device (or you accidentally leave it at your morning Starbucks run), none of the sensitive information will be there – limiting the exposure the healthcare company incurs.
Inside the hospital as well there are typically many desktops, laptops, and mobile devices that are being deployed in the clinical areas to offer staff easy access to clinical systems. IT has a significant burden when these devices are being decommissioned to ensure there is no PHI data on them or risk facing severe fines. Again, with VDI since no data is resident on the endpoint device the process of decommissioning devices is vastly simplified. Another added benefit, the need for whole disk encryption, a timely and cumbersome process can also be reduced or eliminated.
Additionally securing remote access to key applications is a business critical function for most healthcare organizations. Physicians in particular need to able to access patient data securely when they are not in the hospital for consultation or to prepare for cases the next day.
Part of the VMware solution includes the View Security Server which sits in the DMZ and proxies connections from endpoint devices from the Internet to virtual desktop in the datacenter over SSL. It is also capable of integrating with many popular two-factor authentication platforms such as RSA for added security. This technology has largely eliminates the need for VPN to be granted to end-users.
VPN while does secure the connection from the client to the datacenter, it potentially exposes the corporate network to malware and viruses that could be resident on the endpoint device. Many organizations to avoid this distribute laptops to physicians for the sole purpose of remote access. Using the View Security Server for remote access allows the physician to use any device and access clinical system in a secure fashion. Also there are additional controls that can be implemented such as limiting printing capabilities or the use of USB thumb drives while the user is remote.
How We Can Help
The implementation of VDI can be a huge change to the organization, but this is where Rolta AdvizeX shines. As one of the top VMware partners in the country, we are uniquely qualified to help with this type of project. Rolta AdvizeX has developed a repeatable multi-phased approach that consists of assessment, proof of concept, pilot, and production implementation RoltaAdvizeX has a team of certified VMware professionals including VCDXs to ensure that the design and implementation of your VDI project will meet the functional and performance requirements of a demanding healthcare organization.
Additional Support
With Rolta AdvizeX’s Plan, Build, Manage approach, we maximize the useful life of existing investments, take advantage of new technologies, like the cloud, and simplify the complex by integrating multiple technologies into a single service agreement.
Rolta AdvizeX also offers a full list of Managed Services, including cloud, network, database, infrastructure, storage, back up, and applications services. Contact Rolta AdvizeX today to find out how we can help your company save time, resources, and money. ▪