Industry: Health Care
Size: 10-20 staff
Solutions:
Can Be Compliant With:
The client is a private practice medical practitioner with 4 branch offices all connecting to an Electronic Medical Records (EMR) Application called YorkMed on a local Windows Server in the main office.
After multiple expansions, they realized their security was lagging. The setup was no longer compliant with PIPEDA or PIA.
They also wanted cloud options to make server access easier for their satellite offices.
1. PIPEDA compliance required.
2. High-risk industry for a breach or ransomware infection.
3. No computer security or endpoint management in place.
4. Branch office VPN connections were not secure.
to provide central storage and eliminate the physical server hardware cycle
All VPN endpoints are secured and managed.
to authenticate users, deny unauthorized access, create security policies, and apply policies and permissions to each user based on job function.
To secure and manage all devices accessing company network and data.
All Azure servers and virtual desktops have Disaster Recovery enabled. In the event of a failure, devices can be rebuilt in minutes.
The client is in compliance with their regulatory requirements.
Their virtual network allows them to set up additional branch offices with ease.
With Endpoint and Identity Management, users are verified, and access is restricted. Data is safer.
Their resilience to ransomware and cyber threats has increased significantly with IT security best practices in place.
With TUCU's Managed IT Services, everything is taken care of.
Migrating The Server: TUCU created a new virtual Windows Server in Azure, hardened it, then migrated the YorkMed EMR database to the new virtual server.
Integrated server AD and Azure AD: Combining the two identity servers of Active Directory & Azure Active Directory allows each user to have one identity for both server access and cloud services (i.e. joe@healthplus.com).
VPNs: TUCU created an Azure VPN and connected each branch office VPN appliance via IPsec with IDS/IPS packet inspection to filter bad actors and cyber threats.
Computer Security Upgrades: By upgrading from Windows 10 Home to Pro, all devices could be connected to the server Active Directory, Azure AD and Microsoft’s suite of security tools. Each computer was wiped and reloaded with a new OS, then enrolled in Azure Active Directory to bind it to the identity management platform and to Microsoft Endpoint Manager (Intune), which provides policy-based controls.
We created security policies for hard disk encryption, screen locks, strong passwords, USB restrictions and session timeouts. We connected each device to files on the server in the cloud and to browser-based access to the YorkMed EMR.
TUCU added further security tools, including our Remote Management & Monitoring, Managed AntiVirus & AntiMalware software and our automation scripts to perform daily computer and software patching.
We then decommissioned the physical server, including physical destruction of disk drives containing patient information.