Derrick Jardine, CIO of Atlantic Health Sciences Corp. (AHSC), needed a painless solution for his connectivity headaches. Physicians with the New Brunswick-based network of 12 hospitals and health centres were clamouring for remote access. Without a secure method, getting laboratory results and other patient information from the hospital meant a delay of up to four days for printouts to be delivered to their home offices, or a drive to the hospital.
But traditional remote access remedies made Jardine’s headaches worse. AHSC tried a telco virtual private network (VPN) offering, but it proved to be costly and time-consuming. “When we did a pilot with 10 physicians, we had significant issues. They had different PCs, and the software wouldn’t work on some,” said Jardine. “We have about 90 physicians who need remote access, and we would have needed to load the software and certificates on each PC.”
Jardine needed an alternative solution that would simplify life — and found it. Last year, AHSC agreed to participate in a pilot study of AnyWare Group’s Role Oriented Access Management (ROAM) system, designed to provide Web-based secure identity and access management. “We provide the infrastructure that enables the hospital’s security policies,” said Rick MacPhee, vice-president of operations and marketing at AnyWare.
No software needs to be installed on a user’s PC. ROAM provides customized portal capability to the end user. A neurologist can only access whatever information is permitted for his role, as defined by the AHSC, from any PC. ROAM uses endpoint control software to detect and verify that the remote device meets the minimum requirements set by their clients’ security policies, for example, a firewall, before granting access.
“By having a Web-based solution, our users can have or buy whatever PC they like so long as it meets our requirements,” said Jardine.
The typical ROAM implementation project requires about a week and a half. AnyWare installs a secure gateway, a Sun server loaded with their code, after meeting with network managers to get an understanding of the security environment, policies and roles. Enforcement of the security rules is managed remotely from AnyWare’s command and control network operations centre.
No communications or data goes through AnyWare’s centre. When an access request is received at AHSC’s secure gateway, it sends a message to AnyWare’s operation centre. It responds by sending the rules of engagement back to the AHSC’s gateway. Then the gateway responds to the original access request and “paints” the portal based on the individual’s access rights, offering tailored links to the right systems. This is the sum total of the “managed” component of ROAM’s managed service offering.
“A big issue from my perspective is that I don’t want a client running on the PC that I don’t manage,” says Jardine. AHSC has access to AnyWare’s command and control system and adds, deletes and manages its own users. “All tools are in the hands of sys admin people so they can grant access on a daily basis in seconds,” says MacPhee.