Citrix Case Study: Saint Francis Hospital

Citrix Case Study: Saint Francis Hospital

Saint Francis Hospital and Medical Center is an acute care hospital located in Hartford, Connecticut. Since its founding by the Sisters of Saint Joseph of Chambéry in 1897, Saint Francis has grown into New England’s largest Catholic hospital, with 617 beds and major clinical concentrations in oncology, cardiology, orthopedics, rehabilitation, and women and infant services.

The challenge: Consolidating 34 legacy applications into a single EMR Platform and addressing their Mobile device risk growth.

As an early innovator in the healthcare industry, they were already deploying computerized physician entry (CPOE) systems far back as 20 years ago.  This was at the time before patient management software were an American healthcare standard.  At present however, the IT leaders in the organization have recognized that they need to simplify and consolidate their 34 legacy applications into a single unified electronic medical record (EMR) platform if they want to continue to be ahead of the industry.  This is especially challenging when considering that a majority of the hospital’s doctor’s work in independent offices.

The Solution: Deploying a new EMR system across thousands of workstations and mobile devices

Saint Francis had already been using Citrix technology for years, specifically Citrix XenDesktop and Citrix XenApp (now VirtualDesktop and VirtualApp respectively).  These products helped Saint Francis with their on-demand application delivery for both their physical and virtual desktop infrastructure (VDI).  However, the main problem they encountered after they did a preliminary security audit was that there were security gaps due to the approach they took with mobile devices.  So to ensure that they kept their users empowered with the choice of their own device, they decided to also use XenMobile to help lessen the security threats. “When XenMobile arrived on the scene, we were able to get all the features we wanted, along with a simple licensing package from a vendor we already trusted.” Says Paul Dzierwinski, manager of systems administration at Saint Francis.

After 18 months of preparation, the hospital was successful in transferring their 1.3 million patient records in a smooth rollout.

Key Benefits

Helping ensure the timely launch of a new enterprise-wide platform

  • The team checked with all workstations to ensure that during launch period that each endpoint would run smoothly.

Facilitating the exchange of patient information and reducing medical errors

  • The streamlined EMR system helped convenience customers so that patient records could be shared securely via the system to the intended recipient, be it hospitals, doctors or healthcare entities.

Enabling anytime, anywhere access to EMR data as part of a larger BYOD initiative

  • The bring-your-own-device (BYOD) initiative has helped end users have a seamless experience while making sure that Saint Francis has a degree of control for security, being able to wipe a lost phone is one of the possibilities.

To learn more about Citrix products, you can visit our product page here or you may contact us at 893-9515 and we would be happy to help you!

Security Advisory: Microsoft Alerts Customers to Patch BlueKeep Vulnerability ASAP

Security Advisory: Microsoft Alerts Customers to Patch BlueKeep Vulnerability ASAP

In case you didn’t hear, another big vulnerability was reported by Microsoft on May 14, 2019 known as “BlueKeep” which takes advantage vulnerabilities of Remote Desktop Services (RDS), Remote Code Execution (RCE), and Remote Desktop Protocol (RDP).  However, BlueKeep only affects older version of Windows, so users of Windows 10 and 8 can rest easy.  The severity of the vulnerability though has forced the hand of Microsoft and they have actually made and released a security patch for its unsupported versions.  They have classified this vulnerability as a critical level threat.

This is why as of June 4, 2019, Microsoft once again urged its customers to apply the patch as soon as possible as more than 1 million devices are still vulnerable to the attack.  This is to avoid another widescale malware attacks like those of the WannaCry ransomware attack back in 2017.  Many companies were affected by the attack and caused many business operations to stop, more notably hospital operations.

What can you do to avoid being affected?

Microsoft has already provided the solution to BlueKeep, make sure you download the latest security patch for your corresponding OS (you can find the patches here).  You may need to reboot your servers to ensure the patch is running properly.

For those who are Trend Micro users, specifically those who use Deep Security, if you are unable to apply the patch due to other reasons, such as being unable to reboot your servers, please make sure that you apply the correct policy for the virtual patching of Deep Security to ensure the security of your servers.  Below is the Deep Packet Inspection (DPI) rule:

  • 1009749 – Microsoft Windows Remote Desktop Services Remote Code Execution Vulnerability

You can view the official Trend Micro article on it here.

For those who are looking into a longer-term solution, you can consider solutions such as Citrix Gateway and Virtual Apps to secure your remote connections to Windows servers.

To learn more about these solutions, you can contact us at 893-9515 and we will help introduce you to different options that you have to help prevent these kinds of vulnerabilities!