There are many reasons why HIPAA compliance is so critical. One, a data breach exposes patients’ confidential records. This not only breaks the trust, it is a major privacy invasion. Not only that, if the breach is somehow made public, the health care provider’s reputation is damaged.

There are also serious financial consequences. In fact, both the health care provider and their MSPs could be on the hook for fines and penalties.

Roy Herron, systems analyst for the Methodist Healthcare Ministries (MHM) in San Antonio, was well versed in HIPAA and the compliance benefits of VSA by Kaseya. Prior to working for the healthcare organization, Herron had worked for a managed services provider (MSP), where he became acquainted with the remote monitoring and management (RMM) solution. He knew the software would be able to bring IT efficiency and compliance to the fast-growing healthcare system.

Compliance and Security

As a healthcare concern, MHM has serious compliance regulations to meet. “VSA is a big help in keeping costs down and allowing us to stay in compliance with HIPAA and the HITECH Act,” Herron said. While complying with these regulations takes a lot of effort, it also creates a safer environment. “The HITECH Portability Act is a big component of our security checklist. It helps keep everything up to date, which is a big thing to protect from breaches,” he added.

VSA also comes in handy when dealing with breaches. “I use it to correlate data if we have a suspected breach. I correlate between our Active Directory, DNS, who logged on to the machine, and what is going on,” Herron said.

Value of Auditing

Auditing is important to understand where your IT infrastructure has been and to protect the network. It is also absolutely critical for compliance. “Auditing allows me to change local usernames and disable them to keep well-known usernames from being used against our system for breaches. Instead of having to change the administrator password, I send out a bulk one and it is done like that,” Herron said. “I have auditing trails on every one of our computers and see who is logged in currently or who logged in.”

Remote Control and Management

MHM employees are scattered throughout rural areas in South Texas. With “half of our people in San Antonio and 100 to 120 users in remote very rural areas,” according to Herron, sending technicians to these sites was becoming unwieldy.

VSA has been a total game changer. “VSA has made it way more efficient. I do not have to take four hours out of my day where I cannot take calls, do tickets, or help anybody out,” Herron said. “VSA keeps us from having to send a technician out to fix their computer. I remote-on to it to help them with whatever they need, such as email or our next-generation health system, and fix it in five to 10 minutes.”

The Power of Patching

With most breaches impacting unpatched computers, keeping machines up to date is an essential safeguard. “I use VSA  for Windows patch management instead of having to have three or four different servers just to manage the patches. Everything is agent-driven right now. I have about a 92 percent patch rate within a week of when a new Microsoft patch is released. It is easy to set up. I did not have to tie in with everything else. You set up your policies and automation — and let it go,” Herron said.

Multiplatform is also essential. “It patches third-party software, not just the Microsoft Windows updates. I patch Firefox, Java, and some Flash. That is a big help. Otherwise, you probably have to send somebody out to physically patch each system, or spend tens of thousands of dollars on SCCM or SCE from Microsoft,” he said.

Meanwhile, the unified interface makes tasks easier to perform and manage. “The single pane of glass lets me see a group of our users and patching states. I can push everything out from my desk. Over the course of the day, it saves me probably two to three hours walking around,” he said.

Role of Reporting

Reporting is another key VSA attribute. “VSA lets me do reports to see which machines don’t have a service running or if something’s wrong. It tells me if they have not been patched, or how many patches are missing. That is big for compliance. One of the big factors in keeping your environment secure is patching,” he said.

Connecting with Live Connect

VSA’s Live Connect brings remote access to a completely new level, providing fast access to the computer even while an end user is working. “I am a heavy user of Live Connect, using it for command prompt scripts or VBS scripts that need to run, and to transfer files between computers. I also see in real time the processor usage and memory usage so I can tell that a machine may need more memory, or something on the computer is eating up the processes,” he said.

VSA and Live Connect are a big part of the IT efficiency story. “The time savings is plus or minus 20 to 30 minutes on a single call. It keeps call volume down, and our throughput has gone up significantly — probably by as much as 75 percent,” Herron estimated.

Two Factor Authentication Adds an Extra Layer of Protection

MHM has just acquired AuthAnvil by Kaseya, which offers two-factor authentication (2FA). Herron is contemplating ways to put it to work. “We are looking at use cases like tying it into our electronic health record system and using it for sign-ins and sign-outs,” he said.

Herron also likes the idea of password cycling. If a password changes every five minutes, even if an intruder gets the password, it will change in a matter of minutes – blocking access.

Read the full case study here.

The post VSA by Kaseya Keeps Methodist Healthcare Ministries HIPAA Compliant appeared first on Kaseya.

Are you an IT manager or systems administrator who wakes up in the morning eager to start the day? Do you think about how good the day is going to be while taking your morning shower? Are you excited to get to work? If not, there’s a way to recover the magic and pass the morning shower test. Let’s look at a typical day-in-the-life in IT operations.

Why You Might Not Pass the Test

As an IT manager, you have a tremendous amount of responsibility in planning and directing the IT systems activities in your company. Installation, maintenance, and oversight for every piece of hardware and software fall into your lap. On good days, it’s a challenge. On typical days, it can be a migraine in the making.

You get up in the morning and check your email first thing to see everything from the usual “I can’t log in” to an urgent request from the CFO that his laptop crashed and he must have it restored for an important meeting.

You look at your “to-do” list for the day and see that security patches need to be installed, a number of machines haven’t been upgraded yet, there are meetings with management in the afternoon, a new hire needs to be added to the network with the proper permissions, and a server backup needs to be set up and started.

You try to set up priorities, but there will always be, without fail, issues that arise during the day that will have higher priorities than your list.

Some of these issues have you wishing you could channel an inner Nick Burns, the Saturday Night Live Computer Guy. Instead, you put out fires all day and manage to get most of your list accomplished.

The CEO doesn’t realize all you’ve done during the day – he just notices what wasn’t done, and wonders what you did all day.

You don’t leave at quitting time because you weren’t able to get some of the computers upgraded because the users’ work couldn’t be interrupted; you have to wait for them to leave for the day so you can get the backup started; and you weren’t able to get the security patches installed due to too few hours in the day.

You hardly have any time to call your own during the working hours. And it carries over to “time off” as well, because when there is an IT emergency, night or day, holiday or vacation, who gets the call? A recent survey found that 72% of IT managers and system administrators questioned reported that they were interrupted while on vacation for IT emergencies – 20% saying that their vacations were cut short or ruined by the emergencies. Another study asked where the most inconvenient place was that they’d received an alert. The answers ranged from “At a wedding where I was a groomsman” to “At a funeral.”

No matter what your IT budget or the size of your IT department, problems seem to snowball, and by the end of the day, they have turned into an avalanche. It’s not because of a lack of expertise – you just don’t have the resources in-house to get everything done. It doesn’t have to be that way. There are affordable and easy to implement solutions that will give you back control of your life.

Pass the Test – Here is a Better Way to Spend Your Day

You arrive in the morning and go through your emails. Among them are notices that a server had issues overnight, but was automatically rebooted and put back online and is now functioning normally. What emails are missing? The “I lost my password” and “I can’t get logged onto xyz server” emails, because the users had access to a self-service portal and solved these issues easily themselves.

Patching and updating machines and software is done automatically based on policies that make sense for your company. For issues that can’t be taken care of automatically, you can remotely access the problem device and look into the issue in the background without disturbing the user.

You log into one control interface to access all of the machines you are responsible for (on and off network) to check on status, verify processes, and run diagnostics where necessary. Alerts are automatically turned into service tickets and assigned to your staff.  You easily onboard new hires, and you offboard exiting employees with a simple click.

All this efficiency allows you to focus without interruption on critical issues like researching new solutions that can help end users or customers get more done, and performing key IT functions that grow the business.

You say you need to generate complete reports for the afternoon meeting? Because the information is centrally located, it is done quickly and easily. You are able to report to the CEO on all the things accomplished in the day, and he’s impressed by the efficiency – and especially by the resulting savings to the bottom line.

You were able to get more done in the day than you imagined. When it is time to go home, you leave with the rest of the employees. The backups are automatically set to take place and will be automatically monitored to ensure they are done successfully.  Because your remote management is web-based, you are able to check in one last time from home to be sure everything is running smoothly at work.

What Makes the Two Days So Different?

The IT manager who passes the shower test is the one who has turned to Kaseya for IT systems management services. With Kaseya, you have a single integrated solution that allows you to control your entire IT infrastructure from a central location, manage all services and devices remotely, and automate many routine maintenance operations. Now, you can spend less time putting out fires and more time on strategic IT.

You feel good about getting more done, and look forward to the next day because you know it will be manageable and productive.

To read an eye-opening account of an hour-by-hour day of an IT manager who uses a Kaseya solution versus one who does not, download our A Day in the Life of a Systems Administrator eBook now.

Haven’t got enough time to enjoy all the non-IT things you love? Read our eBook The IT Pro’s Secret to Finding Time for the Other Things you Love.

The post Day In the Life of a System Administrator – What Would You Do with More Free Time? appeared first on Kaseya.