Industry: Health Care
Size: 10-20 staff
Can Be Compliant With:
The client is a private practice medical practitioner with 4 branch offices all connecting to an Electronic Medical Records (EMR) Application called YorkMed on a local Windows Server in the main office.
After multiple expansions, they realized their security was lagging. The setup was no longer compliant with PIPEDA or PIA.
They also wanted cloud options to make server access easier for their satellite offices.
1. PIPEDA compliance required.
2. High-risk industry for a breach or ransomware infection.
3. No computer security or endpoint management in place.
4. Branch office VPN connections were not secure.
Migrating The Server: TUCU created a new virtual Windows Server in Azure, hardened it, then migrated the YorkMed EMR database to the new virtual server.
Integrated server AD and Azure AD: Combining the two identity servers of Active Directory & Azure Active Directory allows each user to have one identity for both server access and cloud services (i.e. firstname.lastname@example.org).
VPNs: TUCU created an Azure VPN and connected each branch office VPN appliance via IPsec with IDS/IPS packet inspection to filter bad actors and cyber threats.
Computer Security Upgrades: By upgrading from Windows 10 Home to Pro, all devices could be connected to the server Active Directory, Azure AD and Microsoft’s suite of security tools. Each computer was wiped and reloaded with a new OS, then enrolled in Azure Active Directory to bind the computer to the identity management platform, Azure AD, and to Microsoft Endpoint Manager (Intune), which provides policy-based controls.
We created security policies for hard disk encryption, screen locks, strong passwords, USB restrictions and session timeouts. We connected each device to files on the server in the cloud and to browser-based access to the YorkMed EMR.
TUCU added further security tools, including our Remote Management & Monitoring, Managed AntiVirus & AntiMalware software and our automation scripts to apply daily computer and software patches.
We then decommissioned the physical server, including physical destruction of disk drives containing patient information.