Five Data Protection Requirements in Healthcare that Unitrends can Help you Solve

Five Data Protection Requirements in Healthcare that Unitrends can Help you Solve

When it comes to business continuity, the healthcare industry faces many unique requirements and challenges.  With the need of 24 hours, 7 days a week and 365 days availability, and the need to safeguard the content of their electronic health records (EHRs), it can be a hard task to fulfill while still keeping within a reasonable budget.

This is where Unitrends can help.  Below are a few unique requirements that the healthcare industry faces and how the Unitrends solution meets to solve them.

  1. Uptime Requirements

When it comes to recovery time objectives (RTO), most industries have them in hours as they have more time to work with.  This doesn’t follow for the healthcare industry as they need their RTOs in a matter of seconds or minutes.

Unitrends Instant Recovery can failover applications in literally seconds. Unitrends Recovery Assurance delivers automated recovery testing, site and application failover, ransomware detection, and disaster recovery compliance, both locally and in the Unitrends Cloud.

  1. Highly Targeted by Ransomware

Due to the nature of healthcare, data of patients are critical for the business to function.  Ransomware criminals are aware of this and that is why the industry is a prime target.

Unitrends products can do security scans against your production applications – but using your backup data instead. It can spin up your applications in a specific order, isolate them from production, execute security tests, and automate reports and alerts immediately upon detection of ransomware

  1. Highly Regulated

For companies that need to work with the Protected Health Information (PHI) must ensure that all the required physical, network, and process security measures are in place, well documented and strictly followed.  This is required by HIPAA.

Unitrends offers a portfolio of 15 all-in-one enterprise physical appliances that are pre-loaded and pre-tuned with powerful software that not only covers on-premises backup but also long-term retention and disaster recovery in the HIPAA compliant Unitrends Cloud.

  1. Must Control Highly Proprietary Data

Healthcare IT must know where their physical data is located at all times of the lifecycle as well as control who can access it.

Unitrends Recovery Series and Unitrends Backup software can replicate data locally, to a remote site or to the HIPAA-compliant Unitrends Cloud. From any of those locations data can be stored for long term retention and / or used for disaster recovery purposes.

  1. Support Large Numbers of Non-computer Savvy Users

Usually, the general staff of healthcare are considered to be beginners or illiterate when it comes to new IT related technologies that have come out in the recent years.  This makes them very prone to mistakes which in turn can keep their IT counterparts quite busy.

With a common and intuitive user interface across all products, even untrained IT staff can easily find individual files in backups. A few clicks and the entire recovery process, from login to file restoration usually takes less than 5 minutes.


To learn more about Unitrends, you may contact us at 8893-9515 and we would be happy to help you!

Cisco Meraki: Your First Year is on Us

Cisco Meraki: Your First Year is on Us

Are you thinking of switching or experiencing the simplicity of the Meraki Dashboard? Or are you a current Meraki user looking to expand your Meraki lineup?  You’re in luck! For a limited time only, Meraki will be running a “First Year on Us” promo.

For a limited time only, any customer that purchases a new Cisco Meraki cloud management license for 3 years or more will get an additional year added at no extra cost! The extra 365 days are added automatically in the dashboard. No further steps required.

First Year On Us is available globally. License renewals do not qualify for this promotion.

Why Cloud Networking and the Meraki Dashboard

Cloud networking helps IT departments ensure greater reliability, easier day-to-day management, and lower running costs. The Meraki dashboard gives administrators unparalleled visibility into the network users, devices, and applications.

Administrators can view in depth analytics at the tip of their fingers. They can also quickly create access control and application usage policies to enhance both the end-user experience and network security.


For more information about this promo, you may reply to this email or directly call us at 893-9515 and we would be happy to help!

*Terms and conditions will apply.

CT Link Advisory: Contact Number Changes

CT Link Advisory: Contact Number Changes

Earlier in the year, the National Telecommunications Commission (NTC) released the Memorandum Order 10-10 2017 which states that numbers covered in the area 2 code like Metro Manila and some parts of Bulacan, Cavite, and Laguna will have their numbers expanded 8-digits from the current 7-digits.  So, in compliance, we will be expanding our corporate and fax numbers.  Below are our new numbers in which you can reach us:

Landline: 8893-9515

Fax: 8893 5856

These changes will be effective on October 6, 2019.  So, for your further inquiries with us please contact us with our new Landline number!

Ransomware Attack Hits Hundreds of Dental Clinics all over the US

Ransomware Attack Hits Hundreds of Dental Clinics all over the US

Towards the end of August, another big ransomware attack hit the dental industry in the US.  Hundreds of dental offices were compromised suddenly causing many dentists to be unable to access their patients records.  This attack was orchestrated by a ransomware gang which compromised a software provider and using their product to spread the said Ransomware.

 For this case, the compromised providers were The Digital Dental Record and PerCSoft, who collaborated on the product DDS Safe, a medical records retention and backup solution specifically marketed to dental offices in the US.

According to ZDNet (you may view the original article here), a hacker group was able to compromise DDS Safe which they used to deploy REvil (Sodinokbi) ransomware.  This was then only discovered the Monday after when the dentists came back to work and found that all their patient records were encrypted and beyond their reach.

Two offices opted to pay the ransom as they were in dire need of their patient records.  Others implemented the solution provided by The Digital Dental Record and PerCSoft.  However the recovery had issues as comments on their Facebook group were filled with responses of either it didn’t work or they weren’t able to recover all their data.

This isn’t the first time an incident like this has happened, there were two more cases where a managed service provider was compromised.  The first incident happened in June where a group was able to compromise unidentified MSPs, which used Webroot SecureAnywhere consoles to infect PCs with the REvil (Sodinokibi).  The second time happened just a week before the DDS Safe attack, where 22 Texas counties were infected with ransomware.

To learn more about ransomware and the measures you can take to protect your company, you can contact us at 893-9515 and we would be happy to answer your inquiries!

AIP Scanner: Automating Data Protection for your Organization

AIP Scanner: Automating Data Protection for your Organization

Organizations these days have large amounts of unstructured data just being left alone in their on-premises data repositories and SharePoint libraries.  With the amount of data usually amounting to terabytes (or even Petabytes in some cases), it can seem like a daunting task which can take long hours to accomplish.  However, with the help of some tools and apps, this seemingly difficult task may not seem that daunting anymore.

This is where Azure Information Protection (AIP) Scanner comes in.  AIP Scanner can scan your on-premises data repositories against the standard Office 365 sensitive information types and custom types you build with keywords and regular expressions.   Once the data is discovered, the AIP scanner(s) can aggregate the findings and display them in Analytics reports so you can begin visualizing your data risk and see recommendations for setting up protection rules based on the content.

Benefits

Below are some key benefits that one organization who is currently using AIP Scanner have mentioned:

Enhanced functionality:  AIP scanner has the capability to not only scan sensitive data, but also to apply labels and encrypt files. PDF and RMS-encrypted files can be scanned as well, given that the operator is an accredited RMS superuser.

Simplified management processes: AIP scanner has an integrated view with centralized logging for the scanner results which make viewing and managing them easier especially when you are scanning large amount of data.

Consistent scan results across the enterprise: With AIP Scanner, you can reuse Office 365 DLP information types meaning that you don’t have to rebuild policies between your cloud scans and third-party products.

To learn more about AIP scanner, you can visit the original article here or you can contact us at 893-9515 and we would be happy to answer your inquiries!

Citrix Case Study: Saint Francis Hospital

Citrix Case Study: Saint Francis Hospital

Saint Francis Hospital and Medical Center is an acute care hospital located in Hartford, Connecticut. Since its founding by the Sisters of Saint Joseph of Chambéry in 1897, Saint Francis has grown into New England’s largest Catholic hospital, with 617 beds and major clinical concentrations in oncology, cardiology, orthopedics, rehabilitation, and women and infant services.

The challenge: Consolidating 34 legacy applications into a single EMR Platform and addressing their Mobile device risk growth.

As an early innovator in the healthcare industry, they were already deploying computerized physician entry (CPOE) systems far back as 20 years ago.  This was at the time before patient management software were an American healthcare standard.  At present however, the IT leaders in the organization have recognized that they need to simplify and consolidate their 34 legacy applications into a single unified electronic medical record (EMR) platform if they want to continue to be ahead of the industry.  This is especially challenging when considering that a majority of the hospital’s doctor’s work in independent offices.

The Solution: Deploying a new EMR system across thousands of workstations and mobile devices

Saint Francis had already been using Citrix technology for years, specifically Citrix XenDesktop and Citrix XenApp (now VirtualDesktop and VirtualApp respectively).  These products helped Saint Francis with their on-demand application delivery for both their physical and virtual desktop infrastructure (VDI).  However, the main problem they encountered after they did a preliminary security audit was that there were security gaps due to the approach they took with mobile devices.  So to ensure that they kept their users empowered with the choice of their own device, they decided to also use XenMobile to help lessen the security threats. “When XenMobile arrived on the scene, we were able to get all the features we wanted, along with a simple licensing package from a vendor we already trusted.” Says Paul Dzierwinski, manager of systems administration at Saint Francis.

After 18 months of preparation, the hospital was successful in transferring their 1.3 million patient records in a smooth rollout.

Key Benefits

Helping ensure the timely launch of a new enterprise-wide platform

  • The team checked with all workstations to ensure that during launch period that each endpoint would run smoothly.

Facilitating the exchange of patient information and reducing medical errors

  • The streamlined EMR system helped convenience customers so that patient records could be shared securely via the system to the intended recipient, be it hospitals, doctors or healthcare entities.

Enabling anytime, anywhere access to EMR data as part of a larger BYOD initiative

  • The bring-your-own-device (BYOD) initiative has helped end users have a seamless experience while making sure that Saint Francis has a degree of control for security, being able to wipe a lost phone is one of the possibilities.

To learn more about Citrix products, you can visit our product page here or you may contact us at 893-9515 and we would be happy to help you!

2018 Security Review: Looking at Old and New Threats

2018 Security Review: Looking at Old and New Threats

Cybersecurity is something all companies big and small need to pay attention to as more attacks are becoming increasingly more popular.  With company data being a corner stone of a business, it is no wonder attacks are becoming more frequent, if they can take your data then they can profit, its as simple as that.  Therefore, taking the time to review what has happened in the past is becoming more crucial in finding ways to make sure that you don’t fall victim to attacks that already have known fixes.  So, let’s look at some stats in 2018 from Trend Micro and see what the kind of attacks were done.

Messaging threats

Business emails are now a very important messaging tool within an organization or to external organizations and clients.  However, this has made it an attractive platform for cybercriminals as well.  In 2018, there was an increase of use of various messaging threats, there was an 82% increase in phising URLs compared to 2017.  There were also new modes of phising attacks done recently which made use of chats, SMS and other communication applications.

Besides phising, another form of messaging attacks that was widely used in 2018 was the business email compromise (BEC).  A BEC attack usually is done by either initiating or intercepting communication and to mislead employees to release or transfer funds to their own account.  This form of attack has a low success rate, however when it does succeed, the financial loss could be massive.

Ransomware

Ransomware on the other hand has seen a steady decline in 2018.  From the over 600,000 ransomware cases in 2017, now down to around 50,000 in 2018.  This can be attributed to more solutions readily available in the market that are keeping the threats at bay.

Cryptocurrency mining on the other hand has seen a new peak in 2018, with over 1.3 million detections, which is a 237 percent growth from the previous year.  There have been ample of ways that cryptocurrency-mining attacks have been perpetuated throughout the year, some examples are via penetration of ad platforms, popup ads, malicious browser extensions and many more.

To get a more in-depth security review, you may visit the original Trend Micro Security Review here.  If you have any inquiries on how to keep your business safe, please contact us at 893-9515 and we would be happy to help!

Security Advisory: SWAPGS Attack

Security Advisory: SWAPGS Attack

A new Security Vulnerability was recently announced by Microsoft which can be considered a variant of the old Spectre vulnerability.  This new vulnerability is called the SWAPGS attacks.  Its name comes from the fact that the vulnerability leverages on the “SWAPGS instruction”, one of the predictive executions within the affected processors which helps improve the speed of our computers.

So which systems are affected?

The researchers from BitDefender, the ones responsible for the discovery, have stated that the vulnerability affects all Intel CPUs manufactured from 2012 to the present.  However, Red Hat has also come out with its own security advisory  stating that the vulnerability affects x86-64 systems using both Intel and AMD processors, which AMD itself disputes as its own statement on this matter states they are not affected by the vulnerability.  The advisory also stated that from the industry feedback, they are not aware of a way to exploit this vulnerability of Linux kernel-based systems.

Is this attack easily executed?  Am I the target for these attacks?

With the details of these attacks fully disclosed, the chances of becoming a victim of these attacks are a lot higher.  However, as these kinds of attacks are very time consuming, cyber criminals would be more likely to attack more lucrative targets such as organizations or their key personal rather than target smaller individuals.

“Criminals with knowledge of these attacks would have the power to uncover the most vital, best-protected information of both companies and private individuals around the world, and the corresponding power to steal, blackmail, sabotage and spy,” Gavin Hill, vice-president for datacenter and network security products at Bitdefender warned.

What can I do to prevent this?

Firstly, this vulnerability was already included in the July 9 security update of Microsoft, so if you’ve already up to date with the security patches you don’t have to do anything.

As for existing Trend Micro users, given that this is a local type of vulnerability, Trend Micro IPS rule cannot be created for this. Vulnerability exploitable with only local access requires the attacker to either have physical access or be logged on to the vulnerable system. DPI can only detect attacks over the network.

As stated above, it would be best to immediately update your OS Security Patches, you may find a list below:

For more inquiries regarding this vulnerability, please do contact us at 893-9515 and we will be happy to answer them!

Beyond Office: Maximizing and Securing your investments with Office 365

Beyond Office: Maximizing and Securing your investments with Office 365

Are you Maximizing your Office 365 Investment? How about Securing Your Corporate Data?

So your business has invested (or is looking to invest) in Office 365, you’ve made sure that every user has a subscription and everyone is fairly happy using all the familiar office apps like Word, Excel and PowerPoint.  This however is only scratching the surface of your investment in Office 365, there is much more to office 365 then the office suite. 

Learn first-hand from our experts from Microsoft on how you can maximize your investment into office 365 as we take a look at some lesser used applications from the suite.  We’ll also be briefly be discussing one of the new security aspects in Office 365, Azure Information Protection (AIP), which will help you complete your DLP requirements in this age of digital transformation.

Get in touch with us at 893-9515 to learn how you and your company can register for this upcoming workshop!

How Citrix SD-WAN helped AgriFish provide better Connectivity at Sea

How Citrix SD-WAN helped AgriFish provide better Connectivity at Sea

The Danish AgriFish Agency, which oversees the Danish agricultural and fishing industries, is responsible for promoting the growth and responsible management of Danish natural resources. The agency works closely with farmers, fisheries, researchers, organizations and other governmental agencies to support its mandate. As part of its oversight responsibilities, the Danish AgriFish agency relies on a fleet of agency ships to inspect fishing activities in Danish territorial waters.

The problem that AgriFish encountered was the weak mobile coverage at sea, which the crew needed to access applications such as Microsoft Office as to communicate with those on land.  This forced them to have to go closer to shore to get enough reception, which was counter productive as they left the area of inspection most of the time.  This does not event factor in them manually managing their mobile connections as they had no visibility on what connections were functioning properly.

So how did they solve these issues?

They were soon introduced to Citrix NetScaler SD-WAN.  This solution helped them aggregate all their links so that instead of manually checking each link for the best connection, it would check each link and see which connection was best to use at the time, making sure each links were active rather than passive.  Combined with another Citrix solution, XenDesktop and XenApp, end users were able to remotely access their applications without and noticeable performance problems.

“Only one month after we went into production, the benefits were very obvious,” says Bjarne Lund, team manager for infrastructure development at AgriFish. “NetScaler SD-WAN consolidates multiple connections, so now the control vessel can make use of 3G/4G/LTE from all four cellular suppliers and satellite at the same time. The mobile coverage is increased dramatically.”

To learn more on how we can help you provide better connectivity to your remote sites, you may contact us at 893-9515 and we would be happy to answer your inquiries!