Thursday, October 24, 2013

Death by Clicking

In emergency care settings, clinicians need to act quickly to treat their patients. However, the login processes at hospitals and healthcare organizations can often cause delays with the service that they need to provide their patients.

Many healthcare organizations want to ensure the security of their systems and applications, but this often has a negative impact on the care they give their patients and can also lead to “death by clicking,” where precious moments are lost because of inefficient login processes and procedures. Clinicians need to quickly access the patients’ medical records including their history, dosages, medications, etc. to properly treat the patient. Every second that is lost could have been used in caring for the patient.

Something as simple as logging in to the computer and applications can become an issue and a major consumption of time, especially when it needs to be done multiple times or into multiple applications. This situation can be made even worse if physicians, nurses and other caregivers forget their passwords since they often have to remember several sets of credentials, and become locked out of the network. Though health records need to be kept secure, patient care should not suffer in the process.

Simplifying access to important systems, like patient health records, can save anywhere from a few seconds to several minutes each day, which is time that could be spent caring for patients. Quick access to a patient’s health record allows caregivers to make decisions about what kind of treatment options and medications to pursue. Clinicians often have to check several different systems and records in multiple environments to make these decisions. With a single sign-on solution, employees improve their workflow, and documentation and security also improve because the software records all user activities. This allows the healthcare organization to easily see what each employee is doing on the network.

Healthcare organizations need to reduce the headache associated with password issues and increase efficiency for clinicians so that they can provide a better experience for their patients. Simple solutions, such as single sign-on software, can easily mitigate these issues and are a necessity for reducing the time wasted on the login process. By not implementing an SSO solution, healthcare organizations are knowingly wasting precious time which can easily be reduced.
A single sign-on solution allows clinicians to have a single set of credentials to log on to a computer or workstation. Once they log in one time, they are automatically signed into all authorized systems and applications when they are launched.

SSO eliminates major hassles for clinicians and allows them to focus on their key priority, the patients.

The Rivierenland Hospital was one such medical facility that improved its efficiency with an SSO solution. The hospital’s clinicians indicated their frustration at having to remember too many log-in credentials and the time that it took them to log in before assisting each patient. An SSO solution was implemented allowing clinicians to swipe their card near the card reader and enter a PIN to access all of the applications and systems they need without having to remember and enter long passwords.
The solution supports a variety of applications, such as the healthcare solutions Soarian (Siemens), X/Care (McKesson), Patient Data Management System (PDMS) and the Zamicom hospital pharmacy information system, so that separate passwords don’t have to be entered for each.

“We have received compliments from various departments, including the usually highly-critical Intensive Care department. This is an extremely user-friendly solution,” said Jos Meeuwsen, the hospital’s system administrator.

Healthcare organizations are sometimes hesitant to implement an SSO solution because of the misconceptions they have, believing that SSO can hinder security, or that an implementation will be expensive or drawn out.

IT managers assume that if an unauthorized person gets hold of that single log-in credential, that person will have access to all the account’s associated applications. Though this does appear to constitute a risk, the log-in process is actually streamlined for the user. Having to remember just one password essentially does away with the risk that the users will scribble passwords on a piece of paper and squirrel them away under their keyboard. If they still feel strongly about it being a security risk, SSO can offer additional security with two-factor authentication. This allows clinicians to swipe or place their card on the card reader in addition to entering a unique PIN. This process ensures that the user needs something physical, the card, and something from memory, the PIN, to access the network. Additionally, a second pass of the card, or removal from the reader, closes all applications and logs the user off the computer.

In regard to the implementation being an expensive and a drawn-out process, the nice thing about an SSO solution is that it’s often not necessary to set it up for all the people in an organization. In a hospital, for instance, SSO is only needed for a select group of people. The advice here is to restrict SSO to the most critical applications and the people who have to log in to a variety of different applications or from multiple locations. The implementation will then be easy to control in terms of price and complexity. This offers an excellent springboard for any further growth and expansion in accordance with changing future needs.

In addition to reducing the amount of time it takes to log in, SSO also has additional benefits. It can easily assist with audits by providing a detailed log of each user who has logged in and what they did on the network. It can also help healthcare organizations easily switch from shared workstations to individual account logins, which is required by HIPAA. Instead of eliminating the shared workstations and giving clinicians credentials to the systems and applications, SSO easily transitions them to their own single set of credentials. Additionally, many vendors offer a “follow me” feature. This option allows users who have opened applications on Citrix and/or Terminal Server to continue their work on another computer.

An SSO solution along with the many features offered can result in a drastic time savings, particularly in the case of specialists who make their rounds amongst several departments or floors.
Implementing SSO is an easy process, and the solution integrates with almost all applications, including cloud applications. Once up and running, SSO provides the healthcare organization long-lasting benefits, including increasing the care that patients receive and eliminating a great deal of wasted time.

For more information, please visit our website.

Thursday, October 17, 2013

A recent success story in the banking industry.

Needham Bank, located in Massachusetts, is a private bank providing high quality services through its five locations. The bank has had a rich history within the area since 1892 and prides itself on personalized service and deep community involvement.

Recently, Needham Bank began expanding and has grown to a staff of over 170. As the bank grew in size so did the issues that its employees were having with passwords. End users at the bank need access to several different systems and applications in order to properly assist customers. “End users became frustrated at the number of disparate passwords they had, and the frequency they would have to enter the user names and passwords,” commented James Gordon, First Vice President of Information Technology at Needham Bank. It was also frustrating when employees had to halt what they were doing and contact the help desk to reset their password if they were locked out.

Customers also became frustrated, as they had to wait for bank employees to sign into each application separately, which was time consuming. It also led to security issues due to employees keeping a ‘password sheet’ with each set of their credentials written down in order to remember them. Additionally, IT was frustrated at the amount of password reset calls they were receiving. On average they had to perform around 10-20 password resets a day, which became tedious and took time away from other projects they needed to focus on.

Drastic Reduction in Password Related Issues

Needham first implemented Tools4ever’s Self Service Reset Password Management (SSRPM) to allow employees to reset their own passwords without having to contact the helpdesk. They simply answer several security questions, which they previously provided answers for during initial enrollment, and are able to securely reset their own passwords. This drastically reduced the amount of password related calls the help desk received and allowed employees to quickly complete the process and continue with their work.
Due to the success experienced with SSRPM, Needham then decided to implement E-SSOM to further mitigate their password issues. “We had already used SSRPM and over the years it worked flawlessly. We expected the same from E-SSOM,” said Gordon.

Customization

During the implementation of E-SSOM, Tools4ever worked with Needham Bank to ensure that the solution worked with all of their unique applications. Many of the applications in place run on various codebases and include web applications, java-based applications, legacy Windows applications and many more. “Tools4ever was with us through the entire process, making sure to get it right, and tweaking E-SSOM along the way to fine tune it in our environment,” commented Gordon.
E-SSOM now allows employees to log in with a single user name and password, and thereafter gain access to all systems and applications for which they have authorization, drastically reducing the login time.

Improvement in Customer Service

With a single set of credentials, employees no longer have to write down their passwords in order to remember them, which has resulted in greatly improved security. E-SSOM has also augmented customer service at Needham Bank, by allowing employees to avoid signing into multiple applications. In addition, if employees do need to reset their passwords, they are able to quickly do it themselves and continue assisting customers. “Employees are able to focus on the customer rather than on their computer,” said Gordon.
Overall, E-SSOM and SSRPM have allowed employees at the bank to focus more on their customers and less on their password issues. “I now view E-SSOM and SSRPM an irreplaceable part of our network infrastructure and core to how the business will operate moving forward,” said Gordon.


Thursday, October 10, 2013

Strengthen Organizational Security Without Breaking the Bank

As leaders within all types of organizations grow more concerned with the security of their networks, they increasingly turn to enhanced security and access processes over the “normal,” more traditional approaches to user name and password authentication methods.

Two-factor authentication (also known as TFA, T-FA or 2FA) is an approach to authentication that requires the presentation of at least two of the three main authentication factors. For example, a knowledge factor (something the user knows, such as a password or childhood memory), a possession factor (something the user has, such as a scan card), and an inherence factor (something the user is, such as a type of employee) are all forms of authentication factors.

The banking industry, for example, has used this concept for years with the ATM card. To gain access to your cash, you must have a physical card in hand as well as a personal identification number (PIN) to access your account.

Another example of this is found on laptop computers that manufacturers have built fingerprint readers into. The only way to access the information on the machines is by scanning an approved user’s fingerprint. The application adds a great deal of security and is perfect for industries like finance, healthcare, and even education.

The question for organization leaders seeking stronger authentication processes is this: how can two-factor authentication provide extra security to an organization while not requiring a large capital outlay?

There are two options that are becoming commonplace and ever more affordable:

Password Resets

The concept of using challenge questions like “What’s your mother’s maiden name?” or “Where were you born?” has been around for many years. Banking websites are the most common example of this concept. If you forget your password and successfully answer the challenge questions to reset your password, you gain access to your cash.

With the advent of smart phones and text messaging, many companies have already added a second factor—a one-time use PIN code delivered via email or SMS must be provided in addition to answers to security questions.

The first iterations of these solutions exclusively relied on the challenge questions to allow password resets. As social engineering concerns have come into play, vendors have been quick to add 2FA to these solutions. The delivery of a PIN via text messaging to the user’s cell phone number on file ensures the reset is being performed by the actual user.

Another benefit of these challenge questions is that they can be utilized by the helpdesk to positively identify a caller. When an employee phones the helpdesk requesting access to a new application or to be added to a shared or distribution group, the helpdesk can access the questions and masked answers. For example, the answer to “What color is your car?” could display as “X_XX_” and the caller would be asked to provide the second and fifth characters. If the correct characters are provided, it confirms the caller’s identity. By masking the answers, the helpdesk employees are never exposed to the confidential answers.
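The masked-answer check described above, sketched as an added example (not code from any product named on this page). The class name `MaskedChallenge` and the three-attempt cap are assumptions; the sample answer is constructed.

```python
import hmac
import secrets

MAX_ATTEMPTS = 3  # assumption: two characters carry little entropy, so cap guesses


class MaskedChallenge:
    """One helpdesk challenge against one stored answer (hypothetical helper)."""

    def __init__(self, answer, positions=None, count=2):
        self._answer = answer.strip().lower()
        length = len(self._answer)
        if positions is None:
            if length < count:
                raise ValueError("answer too short for this challenge")
            # The server picks the positions; neither caller nor agent chooses them.
            positions = secrets.SystemRandom().sample(range(1, length + 1), count)
        if any(p < 1 or p > length for p in positions):
            raise ValueError("position outside the answer")
        self.positions = sorted(positions)  # 1-based, as read out to the caller
        self._attempts_left = MAX_ATTEMPTS
        self._used = False

    def mask(self):
        """What the helpdesk screen shows: '_' = ask for it, 'X' = stays hidden."""
        return "".join("_" if i in self.positions else "X"
                       for i in range(1, len(self._answer) + 1))

    def verify(self, supplied):
        """Check the characters the caller gave, in position order."""
        if self._used or self._attempts_left == 0:
            return False  # consumed or locked: escalate instead of retrying
        self._attempts_left -= 1
        expected = "".join(self._answer[p - 1] for p in self.positions)
        given = supplied.strip().lower()
        # Constant-time comparison; the agent only ever learns pass or fail.
        ok = hmac.compare_digest(expected.encode(), given.encode())
        if ok:
            self._used = True  # single use, so a verified challenge cannot be replayed
        return ok


if __name__ == "__main__":
    challenge = MaskedChallenge("Green", positions=[2, 5])  # constructed answer
    print(challenge.mask(), challenge.verify("rn"))
```

Because only two characters are checked, the attempt cap and single-use flag carry most of the security here; the full answer never has to reach the helpdesk screen.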

A second factor of authentication—delivering a PIN to an email or via SMS—can further enhance a system’s security. Also, the number of questions and answers to be provided to the user can be dictated by company policy, allowing for the greatest level of security for any given organization.

Single Sign-on with Strong Authentication


Many technology leaders acknowledge the benefits associated with a Single Sign-On (SSO) solution: productivity gains from reducing the number of required credentials from many to one, and fewer calls to the helpdesk for forgotten passwords.

SSO software enables end-users to log in to their systems just once after which access is granted automatically to all of their authorized network applications and resources. SSO also operates as an extra software layer intercepting all log-in processes and completing the details automatically.

A common concern here is that if the one set of credentials is hacked, then access to all systems can be exposed. In this case, two-factor authentication can eliminate this perceived risk.

In a two-factor authentication scenario, the end user presents his ID badge (“something the user has”) to a card reader attached to the machine he is attempting to access and enters his credentials (“something the user knows”). Then, as an extra layer of protection, he enters a PIN code when accessing highly sensitive systems.

It is also feasible that the ID badge replaces the credentials and the PIN becomes the second factor.

Two-factor authentication is catching on rapidly in the business-to-consumer arena: functionality such as self-service password reset was originally implemented to reduce call volume, and the security of this functionality has been strengthened in response to identity theft and social engineering. Secondary identification methods are now widely available to businesses interested in providing the same secure functionality to employees, and are much more affordable than in the past.

