4-page Case Study - Posted 5/7/2008
Views: 798
Rate This Evidence:
Healthcare Firm to Save 10 Percent in Operating Costs with Easy Remote Access
Amsta Zorginstelling is a growing healthcare organization located in the Netherlands. Because Amsta must comply with stringent industry reporting regulations, it needs to provide strong security for its proprietary healthcare application, which is used to collect patient data. The company also needs to provide secure remote access because an increasing number of employees work remotely and require easy access to applications. With help from technology integration partner B-able, Amsta implemented Microsoft® Intelligent Application Gateway (IAG) 2007, which solved both of these challenges by simplifying remote access and ensuring access control and application security. As a result, IAG 2007 is helping Amsta employees access vital data from anywhere without compromising patient privacy. In addition, the company is saving administrative time and IT management costs.
Situation
 |
We had an audit that showed that we will save more than 10 percent of our operating costs by using IAG 2007. That is money we would be spending on time and management without this solution.  |
|
|
Shahab Davoudi
Head of IT
Amsta |
|
|
Amsta Zorginstelling, headquartered in Amsterdam, the Netherlands, is a growing healthcare organization that provides a range of care services and support to the elderly and people with mental disabilities. Amsta, which has 32 locations throughout the country, was formed following the 2007 merger of three Dutch healthcare companies: DkJ, Tabitha, and Zorggroep. The organization has 2,700 employees.
All of these employees use an Internet portal, through which they access a range of Web-based and other network applications, including Microsoft® Office Outlook® Web Access and an e-mail network based on Microsoft Exchange Server 2003. Employees also use the portal to access the Amsta proprietary healthcare application and an e-commerce site.
Like all healthcare organizations in the Netherlands, Amsta must comply with Nederlands Normalisatie-instituut (NEN) regulations. NEN is a standardization institute that promotes a group of strict healthcare reporting standards. “To comply with the rules, we need to protect patient information,” says Shahab Davoudi, Head of IT, Amsta. “We are also required to have excellent IT network security, which means we need to control who is logging on to our network. We cannot have this information seen by the general public.”
Since the merger, more Amsta employees have been working remotely, both from home offices and from pharmacies and other remote locations. That trend is continuing, as company officials seek to save money by boosting the number of remote workers. “Amsterdam is a very congested city, and it can take two hours each way for workers driving from their homes to Amsta office locations,” says Davoudi. “That represents lost time, lost productivity, and wasted money.”
However, remote access has been challenging. Remote employees used Web browsers to connect to the Amsta network through a Remote Desktop Protocol (RDP) connection to Windows Server® 2003 Terminal Servers at the company’s 32 locations. Some employees also used a third-party software solution to remotely access the network. These methods were sometimes difficult because employees needed to use one password to access the main portal, then another password to log on to the healthcare application. “We fielded more than 60 help-desk calls every day, mainly from remote employees telling us they had problems connecting to the network,” Davoudi says.
These connection methods also exposed the network to risk. For example, server IP addresses and employee user names and passwords were not as well protected as Amsta would have liked. “That opened up the possibility of non-employees gaining access to the network and viewing our private corporate information,” says Davoudi.
Amsta had also recently deployed Microsoft Office SharePoint® Server 2007, so employees could exchange documents and collaborate on projects. “This was only set up to be used within the local area network,” says Davoudi. “However, we really wanted to give remote and home workers access as well. But again, because of the confidential nature of the information in the documents, we were concerned with security.”
Davoudi wanted to spend more IT administrative time on building up the organization’s IT infrastructure. Instead, he found he was spending much of his time and effort on security and remote access issues.
Because the company was interested in improving both application protection and remote access, Amsta set out in June 2007 to find a new solution that would solve both of those issues.
Solution
|
With the cache-clearing technology in IAG 2007, our remote users who are using a computer at home or while at a customer site do not have to worry about patient information being accessible. |
|
|
Shahab Davoudi
Head of IT
Amsta |
|
|
Soon after beginning its solution search, Amsta became acquainted with Netherlands-based B-able, a Microsoft technology integration partner focused on IT security solutions. B-able consulted with Amsta and urged the company to consider Microsoft Intelligent Application Gateway (IAG) 2007, a solution that simplifies remote access while optimizing application security and policy control.
Part of the Microsoft Forefront™ line of business security products, IAG 2007 provides Secure Sockets Layer virtual private network (SSL VPN) functionality, a Web application firewall, and security management capabilities. The solution also includes Attachment Wiper, a technology that clears the browser cache immediately after each session is terminated—without the need for computer users to intervene. This feature makes sure that no sensitive data is left behind by the user.
B-able worked with Amsta to deploy IAG 2007 in August 2007. B-able, which specializes in IAG 2007 implementations, deployed an appliance from Microsoft Partner Celestix Networks. Based in Fremont, California, Celestix Networks manufactures preconfigured IAG 2007 network security appliances.
B-able also helped Amsta deploy Microsoft Internet Security and Acceleration (ISA) Server 2006, which integrates fully with IAG 2007. ISA Server 2006, also part of the Forefront line of business security products, is an integrated network edge security and access gateway. Amsta will use ISA Server 2006 to help prevent Web-based attacks on its messaging systems.
“The entire solution setup took only seven days,” says Yuri Bobbert, Managing Director, B-able. “We helped Amsta reconfigure the Web firewall and redirect network traffic to IAG 2007. We also linked its other remote access solution directly to IAG, so now all employees have easy access to Office SharePoint Server 2007 and Outlook Web Access.”
This ability to integrate multiple applications and remote access solutions into a single portal is a key feature of IAG 2007. As a result, users have a single place to obtain remote access to all applications. IT administrators can also use this feature to centrally manage all remote users, applications, and policies.
With IAG, Amsta can now offer all employees, including those working from home or other remote locations, a secure portal through which they can access all data and applications, such as Office SharePoint Server 2007 documents and the company’s healthcare application. Users can only access applications based on device security, user identity authentication, and policies set by the IT team. And with single sign on, Amsta users need to authenticate only once in order to access multiple applications.
Benefits
With IAG 2007, Amsta has a solution that provides seamless integration with Office SharePoint Server 2007 and custom applications. The company also benefits from strong protection that includes application security, endpoint security, policy setting, and cache wiping. The organization is saving time and money related to remote access management. In addition, IAG 2007 provides easy access for the company’s remote workers, which increases productivity.
Seamless Integration with Applications
|
Before we installed IAG 2007, we would regularly receive close to 60 help-desk calls a day from remote users. I only receive a few calls each day now. This solution has made my job much easier. |
|
|
Shahab Davoudi
Head of IT
Amsta |
|
|
IAG 2007 integrates seamlessly with Office SharePoint Server 2007 and custom applications, such as the Amsta healthcare application. Specifically, IAG 2007 features the Intelligent Application Optimizer for Office SharePoint Server 2007, an integrated software module that helps IT administrators give remote users easy access to Office SharePoint Server 2007 documents and other critical applications. The Intelligent Application Optimizer for Office SharePoint Server 2007 also gives Amsta IT administrators the ability to easily provide solid endpoint security and application publishing.
Strong Security
IAG 2007 includes features that give Amsta strong application security, which is critical in light of the organization’s need to comply with NEN regulations. “It is much easier for us now to control who gains access to our network applications,” says Davoudi. “We can use IAG 2007 to publish these applications to remote users through a central SSL VPN portal, which means our employees can securely access SharePoint documents and our healthcare application.”
Amsta is also able to take advantage of the IAG 2007 Attachment Wiper cache-clearing feature, which ensures that sensitive Amsta patient data is eliminated from computers when users have ended a session. “With the cache-clearing technology in IAG 2007, our remote users who are using a computer at home or while at a customer site do not have to worry about patient information being accessible.”
IAG 2007 also gives Amsta strong policy-based endpoint security. For example, IAG 2007 performs an endpoint assessment of a user device before access is allowed. With this capability, Amsta IT administrators can control access to applications based on the user identity and endpoint profile.
Time and Cost Savings
The money saved with this new solution is significant. Recently, the company hired an auditing firm to analyze the cost-effectiveness of implementing IAG 2007 versus other security solutions. “We had an audit that showed that we will save more than 10 percent of our operating costs by using IAG 2007,” says Davoudi. “That is money we would be spending on time and management without this solution.”
The organization’s IT staff has also been able to greatly reduce time spent on remote access. As a result of the solution, the IT team does not have to spend as much time and effort assisting remote users who have access difficulties. They can now focus on other IT issues and strategic projects. “Before we installed IAG 2007, we would regularly receive close to 60 help-desk calls a day from remote users,” says Davoudi. “I only receive a few calls each day now. This solution has made my job much easier. Because I do not spend as much time on security and remote access issues, I can really focus on my duties as an IT manager. The IAG 2007 solution has freed me to spend time migrating all of our new employees to the new domain we have created.”
Easy Access for Remote Workers
With IAG 2007, Amsta employees have far easier remote access to applications than they did before. “They only have to sign on once though the central portal, and they can quickly get to Outlook Web Access and our healthcare application,” says Davoudi. “Remote employees no longer have a difficult time gaining network access.” As a result, the number of employees working remotely has grown, which aligns with the organization’s business goals. “Before we implemented the IAG 2007 solution, we had about 50 people working from home,” Davoudi says. “The percentage of the work force with remote access has climbed to more than 10 percent, and we plan to provide remote access to the remainder of our employees. We will be able to do that because of the easier access we can give them.”
For More Information
For more information about Microsoft products and services, call the Microsoft Sales Information Center at (800) 426-9400. In Canada, call the Microsoft Canada Information Centre at (877) 568-2495. Customers who are deaf or hard-of-hearing can reach Microsoft text telephone (TTY/TDD) services at (800) 892-5234 in the United States or (905) 568-9641 in Canada. Outside the 50 United States and Canada, please contact your local Microsoft subsidiary. To access information using the World Wide Web, go to:
http://www.microsoft.com/
For more information about B-able products and services, visit the Web site at:
www.b-able.nl/
• B-able helps companies implement IT security software solutions.
For more information about Celestix Networks products and services, visit the Web site at:
http://www.celestix.com/
• Celestix Networks creates security appliances and provides security solutions.
For more information about Amsta Zorginstelling products and services, visit the Web site at:
www.amsta.nl/
Microsoft Forefront Product Portfolio
The Microsoft® Forefront™ comprehensive line of business security products provides greater protection and control through integration with your existing IT infrastructure and through simplified deployment, management, and analysis. Forefront is a comprehensive solution that helps provide protection for the client operating system, application servers, and the network edge.
For more information about the Forefront product portfolio, go to:
www.microsoft.com/forefront
This case study is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.
Document published April 2008
