Case Study: PriorityOne Prescribes Cure for Health Care Provider’s Security Woes

The Company

PriorityOne Group

PriorityOne Group is a provider of integrated IT services to businesses including physician practices, ambulatory surgery centers and hospitals.

The Client

The client is a regional specialist medical practice with several offices in New Jersey.  

The Challenge

As a rapidly growing health care provider, the client is extremely concerned about security, since cybercriminals are increasingly targeting facilities such as theirs. Symantec reported that the health care sector experienced the largest number of data breaches in 2014 for the fourth consecutive year. And as Michael Ebert, leader in KPMG’s health care and life sciences cyberpractice notes, “Patient records are far more valuable than credit card information for people who plan to commit fraud, since the personal information cannot be easily changed.”{ad}

When the client entered into a full managed services agreement with PriorityOne Group in November 2015, one of PriorityOne Group’s initial objectives was to improve the medical practice’s IT security. At the time of the engagement, the client relied upon real-time anti-virus scanner software to protect its entire IT infrastructure from viruses and malware. While use of such software allowed the client to maintain compliance with the HIPAA Security Rule that is intended to protect electronic personal health information, it can leave an organization unexpectedly vulnerable. Anti-virus scanners represent a reactive rather than proactive solution; they detect a virus only after the virus is present on a machine.  

PriorityOne Group set out to address this vulnerability.

The Solution

PriorityOne Group has a partnership with OpenDNS, a Cisco company and service that provides Internet threat protection. One of most significant benefits of OpenDNS software is that it provides real-time outer layer Internet protection; it prevents a computer user from visiting websites infected with viruses that would then infect the user’s computer. OpenDNS is automatically updated on an ongoing basis as the system identifies new websites infected with viruses.

After performing an assessment of the client’s IT infrastructure, PriorityOne Group set out to implement OpenDNS across the client’s entire network, which presented some challenges. First, the client’s staff members have their own individual user accounts on the network. This allows the client to ensure staff members have access only to the information and programs appropriate for their jobs. While this is a good security measure, it made implementing OpenDNS more difficult as every user needed to have OpenDNS installed within their account. With hundreds of employees working in multiple locations, a manual installation of OpenDNS on all user accounts would have been a time-consuming and expensive process.

The solution to this problem came from Glenn Bartholomew, PriorityOne Group senior systems engineer. After the PriorityOne Group team built a dedicated server to run OpenDNS for the client, the engineer created a “group policy object” script that automatically runs on the client’s network. When the client’s staff members log into their accounts, the script checks the account to see if OpenDNS is installed. If it is not, the script initiates…


…an automatic installation of the software without any interruption to the user. Within five days, the client’s entire network had its Internet traffic processing through OpenDNS. Critical business and patient information was better protected than ever before.

But there was another benefit to installing OpenDNS on the client’s network. The program can also track the websites visited and Internet services used by staff members and restrict that access. One week after OpenDNS was fully operational, PriorityOne Group ran a report on Internet usage. The results were a shock to the client’s leadership. Three of the top five websites visited by staff were non-work related. In one week, Facebook received 20,000 hits, Twitter received 14,000 hits and Instagram received 11,000 hits. The time spent on these websites alone (the report indicated that there were many other non-work related websites visited frequently during that week) represented numerous hours of lost productivity.

In health care, margins are tightening, costs are rising and competition is increasing, so organizations cannot afford reduced staff productivity. Working with the client’s leadership, PriorityOne Group configured OpenDNS to prevent staff from accessing Facebook, Twitter and Instagram. OpenDNS was also configured to block other social media services, pornography and other websites, as well as peer-to-peer sharing, video-streaming and radio-streaming networks. A process was put in place that permitted staff to request access to a blocked website or service.

One week after the restrictions were put into place, a new report was generated. The number of hits for Facebook, Twitter, Instagram and the other blocked services and websites: zero. In addition, the blocking of sharing and streaming services reduced the bandwidth strain on the network.

PriorityOne Group performs a weekly security review and discusses the results with the client’s leadership. Additional restrictions are put in place, when needed.

The Results

Implementing OpenDNS across the client’s network gave the organization much stronger IT security and eliminated numerous staff distractions. Over a one-week period, the client’s staff visited Facebook, Twitter and Instagram more than 45,000 times, wasting numerous man hours. After OpenDNS was implemented, staff were no longer able to visit these and many other websites that significantly reduced staff productivity and potentially exposed the client’s network to security risks.

As the first substantial service provided by PriorityOne Group to the client, the OpenDNS implementation delivered significant improvements that set the stage for the numerous upgrades and enhancements planned going forward.

Do you have a success story you’d like to share? The Channel Partners Case Study Challenge is accepting submissions on a rolling basis. They will be published in a special section on the Channel Partners site, and the best ones will be awarded a Case Study Challenge Winner logo for use on their own websites. The best of the best will be invited to share their stories during a live session at a Channel Partners event. Case studies should be 1,200 words or less. You can download the form, send responses directly to Lorna Garey, editor-in-chief, or use our Web submission process. Let us hear from you!

Leave a comment

Your email address will not be published. Required fields are marked *

The ID is: 50411