1. /
  2. Confident Insights Newsletter/
  3. Protecting a Moving Target

Protecting a Moving Target

October 19, 2009


The Visiting Nurse Service of New York stepped up its security for its mobile workforce and improved compliance while saving labor costs using Symantec products.
Visiting Nurse Service of New York (VNSNY) is the largest and oldest not-for-profit home healthcare organization in the country, with over 2 million home visits in 2007. Its 12,000+ healthcare employees provide in-home service to patients who need it in the New York metropolitan area, as well as Nassau and Westchester counties. The service’s unique, home-visit care presents IT challenges, however.
For any healthcare provider, protecting the data of over 130,000 patients would be difficult enough, but when VNSNY employees remotely access medical records while serving their home-bound patients, VNSNY security becomes as vital as the healthcare it dispenses.

Security and Management Challenges

VNSNY determined its endpoint security and security management required extensive upgrades to better serve its patients and its healthcare employees. In particular, the VNSNY IT team set four goals for improving compliance, management, and security of its 24×7 operation:

1) Streamline its security management processes.

2) Monitor and manage technology environment more proactively.

3) Upgrade defenses against unauthorized access and security threats.

4) Expedite response to security events.
After product research and a long-term successful experience with Symantec AntiVirus, Veritas NetBackup, and Symantec Ghost Solution Suite, VNSNY decided to install and deploy a number of Symantec solutions to fill its security and management needs on its extensive enterprise network.

Managing Security and Infrastructure

First, to improve its IT security infrastructure management, VNSNY installed Symantec Security Information Manager to automatically collect and correlate security log data to improve monitoring and response to security events. Previously, the team had to manually analyze the logs of over 60 applications, systems, servers, and network devices. With Altiris Client Management Suite, VNSNY added inventory, software delivery, and patch management capabilities. This enables IT administrators to perform these tasks for endpoints at all 80 VNSNY locations, as well as the tablet PCs used by field workers, from one location, saving time and labor costs throughout the organization. According to Randy Cleghorne, chief technology officer of VNSNY, “The main focus of Altiris Management Suite was to be able to push products to the devices, and especially to make sure they had the latest antivirus updates and patches.”

Threat Management

VNSNY engaged the Symantec DeepSight Threat Management System for proactive threat monitoring and better threat management. With over 15000 new vulnerabilities released daily, it became increasingly difficult to ascertain exactly which threats directly affected the VNSNY network, but with DeepSight, the team receives only the threat notifications that affect its infrastructure. These notifications are prioritized according to the level of risk, allowing the IT staff to more efficiently protect their environment. As a result, the IT staff no longer needs to compile and research threat reports and can spend its time proactively addressing actual threats to its systems.

Symantec Deployments in Process

VNSNY is in the process of upgrading from Symantec AntiVirus to Symantec Endpoint Protection to provide comprehensive antivirus, antispyware, firewall, intrusion protection, and device and application control to the organization’s endpoints. “We had our Risk Management Committee, our CEO, and CIO saying, ‘I’m seeing all of these news articles and I’m talking with my peers about how they were hit with this or that. Where are we? Are we protected?’” recalls Randy Cleghorne, chief technology officer at VNSNY. With Endpoint Protection, VNSNY is adding important layers of protection beyond antivirus software.
In addition, the deployment of Symantec Endpoint Encryption boosts data security for its mobile workforce by ensuring that all sensitive data on mobile devices is heavily encrypted. “Our clinicians and executives are very mobile, so the risk of the loss or theft of a tablet or laptop is increased. Symantec Endpoint Encryption gives me peace of mind by allowing me to make sure the devices are locked down and the data residing on them and on our network is inaccessible to anyone not authorized to view them,” says Larry Whiteside Jr., CISO at VNSNY.
Among VNSNY’s planned future initiatives is deployment of Altiris Server Management Suite, which will allow the IT staff to provision, patch, and monitor all servers from a central console.

Security and Cost Benefits

The primary impetus behind the VNSNY upgrade was to add additional security and management capabilities to its enterprise, but the organization saw considerable management and labor productivity gains when deploying Symantec products. In a comprehensive Total Operational and Economic Impact study of the VNSNY project, The Alchemy Solutions Group pinpointed the following areas of business value for the organization:
  • Over $1.2 million in IT labor productivity gains with proactive patch management from 2009 through 2011.
  • Nearly $250,000 in IT labor productivity improvements from customized threat management from April 2009 through 2011.
  • Over $150,000 in IT labor productivity gains through improving security management from July 2008 through 2011.
  • Over $120,000 in IT labor productivity gains through streamlining inventory management from 2009 through 2011.
To read the entire economic impact analysis of the Visiting Nurse Service of New York by The Alchemy Solutions Group, click here.

Back to Newsletter