Published by Gordon Roberts. Modified over 6 years ago.
1
Jason Hart jason.hart@protocom.cc Bob Bentley bbentley@novell.com
Healthcare Solutions Using Novell SecureLogin and Novell Modular Authentication Service Jason Hart Bob Bentley
2
Abstract
Healthcare organizations face many technology challenges today, including everything from tight IT budgets to HIPAA regulations. In this session, learn how healthcare organizations around the world have addressed these challenges using Novell SecureLogin (NSL) single sign-on and Novell Modular Authentication Services (NMAS).
3
Agenda
Novell SecureLogin and NMAS in Healthcare
Business challenges: password pandemonium
Healthcare-specific challenges
SecureLogin and NMAS in Healthcare
Typical project, timeline, costs and things to watch out for
Demonstration
  Integrated smartcard and back-office environment
  Roaming nurse using shared PC
4
Authentication & Password Management Challenges
5
Password Administration Challenge
Simplify & secure the helpdesk's environment.
Many analysts report that the top reported issue to most corporate helpdesks is the need to reset a user's password across one or multiple systems.
Systems that are not controlled centrally, requiring complex interaction between helpdesks, e.g. internal and external helpdesks of different systems such as external B2B providers, mainframe helpdesk versus Unix helpdesk
Help desk frustration
Repetitive work
Normally insecure when dealt with through a call center.
Poor security compliance
Industry estimates indicate that the average password reset has an associated combined administrator/user cost of 10 minutes per event. By introducing a mechanism that improves the likelihood of users remembering their passwords, an annual administrative saving can be realized. Using an average salary of $20 per hour, annual administrative savings can be figured by:
Yearly corporate resets x 0.167 hours/event x $20/hour
6
Password Management Problems: Help Desk & Administration Costs
Did you know…
HIPAA, Title II requires “Administrative Simplification” and Positive User Identification.
Each time an end-user calls the Help Desk, it costs the organization $25 to $50 (Giga)
Annually, organizations spend $200-$300 per user on password management (Hurwitz Group) (IDC)
Annual Help Desk time spent managing passwords for an average 5,000 user organization with…
  4-8 apps: 4,150 hours
  over 20 apps: 10,700 hours
7
User Productivity Challenge
How do you turn password pandemonium into password bliss?
End users use the same passwords across multiple systems. They use password systems that may not change for years and are the same inside and outside your company.
We all forget passwords
Simplify & secure the user's environment.
Many analysts report that the top reported issue to most corporate helpdesks is the need to reset a user's password across one or multiple systems.
A typical user spends 44 hours a year just logging into applications
Systems that are not controlled centrally, requiring complex interaction between helpdesks
Post-it note security - poor security compliance
Productivity challenges - annual productivity savings can be computed by:
(0.25 hours/week) x (48 business weeks/year) x ($20/hour salary) x (# of staff)
8
Password Management Problem: End-User Productivity
Did you know…
The average user scenario: 44 hours per year performing multiple login tasks to access 4 applications (Hurwitz Group)
A 5,000 user organization loses 1,479 hours of productive time per month getting help with passwords (IDC)
Over 70% of users have password problems at least monthly (IDC)
Streamlined access is a competitive advantage
9
Password Management Problem
What about data security?
The cost of litigation, private and government
The cost of lost customer confidence
The cost of being offline
The cost of lost profits
10
HIPAA and Privacy Legislation
Health Insurance Portability and Accountability Act of 1996, Title II includes a section requiring “Administrative Simplification.” Security standards protecting the confidentiality and integrity of “individually identifiable health information,” past, present or future.
11
Portions of “A HIPAA CHECKLIST - Information Security”
Ensure that users of electronic health information have unique access codes which can positively and reliably identify the user.
Ensure that each user’s access is restricted to the information needed to do his or her job.
Ensure that system managers, network managers and programmers do not have unlimited and unrecorded access to patient information.
12
Healthcare Unique Authentication Challenges
Hospital environments are one of the most diverse environments, with unique requirements for each discipline and business area
Admissions - streamline registration process for previous client
Back office administration
Surgery - sterile, masks, gloves, high pressure
ER - gloves, high pressure
Wards - shared computers, gloves, much data entry
Lab - gloves, data entry
Radiology - EM filtered equipment
13
Healthcare Unique Challenges
Mobile medical staff - regional and temporary clinics
Technology challenges
Limited budgets and resources
Citrix, Terminal Server
Physical space on desktops
Mobile devices
IT often viewed as ‘second class citizen’.
Need for life/death emergency “Break the Glass” IT systems
14
What are Novell SecureLogin and NMAS?
Industry-leading authentication & password management solution
World’s best single sign-on
#1 market share leader (IDC)
Industry-leading advanced authentication infrastructure
Over 30 NMAS hardware providers
Open and secure framework.
Key part of Secure Access suite
SecureLogin & NMAS PLUS
  Web Portal Single Sign-on - iChain
  Password Redirection - NDS/AS
It includes multiple methods for solving customers' password management problems. Every customer is different and their password management needs are different. The Secure Access suite enables a customer to choose one or more password management solutions that suit their business needs without having to re-engineer business processes to suit a specific password management solution.
15
NSL/NMAS for Healthcare
Exceeds HIPAA security requirements for user authentication.
Enable consistent password policy compliance across all systems.
Eliminate security weaknesses with shared passwords with internal and external systems.
Significantly increase security by eliminating password sniffing.
Eliminate helpdesk password management.
Flexible - works in all disciplines of healthcare.
16
NSL/NMAS for Healthcare
Built-in support for healthcare applications.
Graded access to the network filesystem.
Graded access to Windows, mainframe, Internet and Unix applications.
Graded transaction access on the mainframe available.
Promotes a common security architecture around the directory.
Built to work with all major healthcare applications.
Supports unique healthcare environmental challenges
17
Holistic Approach
Novell Secure Access suite is a holistic approach to all major authentication & password management requirements. With SecureAccess, which includes SecureLogin, you are not locked into one specific password management methodology or technology, because SecureAccess includes 5 different password management technologies:
Single Sign-on
Advanced Authentication
Password Synchronization
Portal Single Sign-on
Password Redirection
It provides an open and flexible approach to solving all major password management issues while providing the highest return on investment of any other solution. This is why Novell is the recognised leader in password management.
18
How it Works: Login Experience – Before NSL
[Diagram: Client Workstation and Application Server]
1) Launch Application
2) Credential Challenge
3) Provide Credentials (Login ID: frank, Password: *******)
4) Application Starts
19
How it Works: Login Experience – With NSL/NMAS
[Diagram: Client Workstation, Application Server and Novell eDirectory]
1) Authenticate to eDirectory with biometric, password, token etc.
2) Launch Application
3) Credential Challenge (Login ID, Password)
4) NSL Requests Secret from eDirectory
5) NSL Receives Secret from eDirectory, Supplies it to the Application
20
Do I need SecureLogin? The problem for Healthcare
Increasing help desk support costs
Help desk overload - concerns about protecting information
Increased user authentication and security requirements with HIPAA
The problem for end users:
Too many IDs and passwords
Too much employee downtime because of password problems
Fast access to information
The typical target audience for SecureLogin consists of medium to large organizations with a significant IT infrastructure. The easiest sale is to companies where NDS is already installed. The question “How many passwords do you have?” gets a universal response: too many. End user customers are frustrated by the proliferation of passwords and the requirement put on them to set hard-to-guess passwords, and then remember them without recording them somewhere. Similarly, ask any IT professional about how his users handle passwords, and you’ll inevitably hear some amazing war stories about people sharing passwords, taping a password cheat sheet on their monitor, etc. IT professionals are tired of dealing with users forgetting their passwords and having to reset them. They’re weary of the effort and the cost. Look for good SecureLogin prospects among government, financial, health care, utility and academic accounts. Most organizations have not implemented single sign-on technology.
21
Overview of typical implementation
22
Regional Hospital
Main hospital with remote doctors' offices across varying speed links.
15 NetWare fileservers
3 UNIX machines running HIS.
Windows 95 and W2K corporate desktop.
Client/server HIS
Reflection for Unix v5 primary emulator
Citrix based applications for remote offices.
23
High level requirements
Wanted to increase level of user authentication for legislative requirements.
Diverse environment with different requirements between different disciplines within the hospital, in addition to external users.
Had a shared PC environment, and medical staff typically did not log out and shared their IDs.
Needed to increase security for mobile medical staff.
Wanted to use productivity and helpdesk savings resulting from single sign-on to fund initial project and ongoing support.
24
Case Study - Client with 2000 Users
Costs
  Software                                 $140,000
  Project Management & Consulting          $150,000
  Ongoing consulting and training           $30,000
  Ongoing maintenance                       $21,000
Return on Investment (yearly)
  Helpdesk Savings ($90 per user)          $180,000
  User Productivity ($110 per user)        $220,000
  Annual Saving                            $400,000
  Ongoing Services                        $(51,000)
  1st Year Savings                          $89,000
  2nd Year Savings                         $349,000
25
Typical Project
Making single sign-on work is about 10% technology and 90% project management
Project management
Prepare business case with ROI
Analyze business and user requirements and document system constraints
  User groups, including unions
  Which applications
  Current application limitations
  How users access the system - wards, surgery, back office etc.
  What the business expects from the system (what the project performance will be measured against)
System architecture and design documentation based on requirements
26
Typical Project
Consulting
Determine requirements for each application - login rules, change password, invalid password processing etc.
Review disaster recovery plan
Tape backup strategy
Develop software release process
Establish test environment
Develop performance guidelines and milestones
Develop return on investment milestones
Implementation plan
Test cutdown plan with pilot
  2 users at each business unit
  one application per business unit
  big bang?
27
Typical Project
Consulting /cont
Training
Software distribution process changes
System maintenance - most businesses evolve, so does the infrastructure and the need to periodically review the system
Measuring the ROI
Security review of applications and infrastructure
  generic accounts - RCONSOLE, routers, physical security systems etc.
Test and pilot system
Training
  end-users
  helpdesk
  system designers
  in-house application developers
  security and auditing staff
Software distribution
Post implementation
  on-going helpdesk training
28
How long should it take?
It will be different for each organization but work on at least 1-24 months (depending upon the complexity, number of systems, size of organization and management acceptance).
29
Implementation Time Guides
users 1-4 months
users 6 months
2000+ users 6-24 months
30
Generic Time line
[Timeline diagram; phases labelled: Project Definition, Requirements, Design/Eval/Plan, Training/Implementation, Support, Changes]
31
Things to avoid
Not every application is suitable/cost effective for single sign-on.
Not every part of the organization will be able to use Advanced Authentication in every scenario - “emergency break the glass”
Duplication of systems and data.
Big Bang is simply not a good option - roll out apps in sets.
Overextending your infrastructure - the system must be reliable.
Don’t be locked in - all organizations' environments change, you need flexibility.
32
Things to DO
Make sure you have high level organizational support.
You have a backout strategy as the #1 design goal.
Funding for ongoing support of new product updates and new corporate applications.
Partner with one or more SSO specialist companies - it will save you time and frustration.
Essential to have the helpdesk and applications areas fully trained and using the product every day.
33
Implementation/Ongoing Challenges
Training large group of users.
Determining requirements and expectations for each application upfront.
Application consistency.
Disaster recovery strategy - ‘break glass scenario’
Constantly changing environment.
Staff and helpdesk changes.
Coping with user momentum for SSO to other applications
34
Summary
Vastly reduce help desk costs due to password management resets.
Improve network security and meet legislative authentication requirements, absolutely and consistently.
Significantly enhance end-user productivity and satisfaction.
Improve competitiveness and technological advantage.
Massive Return on Investment
Helpdesk Staff Savings
Quality Satisfaction Gains
Increased security with reduced load on user.
User Satisfaction
Helpdesk performance
Infrastructure simplified
External Compliance
External Audits by Bank Supervision
HIPAA
Government Regulations
Establishing appropriate evidence to prosecute internal hackers.
Fewer Security Breaches
Internal Hacking
Redundant Staff
Improved Security Policy Compliance
Eliminate weak passwords
No written-down passwords
No duplicate passwords across multiple internal and external systems.
35
Demonstration
36
Demonstration
DEMO1 - Back office
User logging onto eDirectory
Smartcard and password - very strong user identification.
No more passwords to internet, mainframe and other HIS applications.
DEMO2 - Nurse in shared PC environment.
Nurse inserts smartcard with PIN and is taken to their healthcare applications with no further passwords.
Nurse removes smartcard and desktop is closed.
Nurse moves to next PC and re-inserts card and is taken back to their applications.