Scenario
DPV Health is a non-profit community healthcare organisation, offering patients an extensive range of healthcare and support services. Spanning 20 locations, their services include a mix of GP clinics, dental clinics, disability services as well as mental health and Allied Health services.
At the beginning of the COVID-19 pandemic in 2020, 80% of DPV Health staff were abruptly required to work from home, whilst constantly shifting to provide critical services to response teams, vaccine hubs and testing sites on demand. Arinco worked hand in hand with DPV Health’s internal IT team, guiding them through a rapidly changing technological landscape.
What began with forging a roadmap that enabled them to urgently expand their business into telehealth and teleconferencing across more than 20 locations, transformed into a dramatic uplift in their Cyber Security posture, identifying and remediating several unknown breaches, in a matter of weeks. These upgrades have allowed them to better serve their clients and grow their business to make their systems more sustainable and secure moving forward.
A year on from the pandemic and DPV Health were looking to mature and expand their security coverage to provide ongoing protection from outages or impacts to their critical first-response workers.
With the workforce continuing to work in a mobile, hybrid manner, utilising services such as telehealth and in-home services; supporting the safe delivery of new offerings was the key focus of the new engagement. They were looking for a partner to help them get 24/7 visibility of Cyber Security risks or incidents, whilst also minimising impact to ICT support staff.
Solution
As Arinco had already built a close relationship with DPV Health and their internal IT team, it allowed them to seamlessly support them when the ongoing strain from the pandemic made ‘business as usual’ significantly more challenging. Now, in partnership with Arinco DPV Health are continuing to invest in an optimisation plan, addressing security risks with best of breed Microsoft technology.
"Arinco had done the initial work on Cyber Security, which was great, and this next stage was maturing that. We were trying to solve the problem of how we get the view across the organisation of Cyber Security risks or incidents that were occurring, and how do we do that in a way that does not overload the ICT staff. We also wanted to solve 24/7 Cyber Security coverage.”
Noel Toel, CIO, DPV Health
When the DPV team had a choice to use the government- funded LogRhythm or opt for Microsoft Sentinel for internal Cybersecurity incident management – a program they would need to fund from their budget, DPV Health were so impressed with Sentinel, and confident with Arinco’s expertise, they chose this over the ‘free’ service. LogRhythm, however was still utilised for data storage and events & logs management, allowing the business to derive the most value from their data at a fraction of the cost.
Sentinel allows remote devices to be scanned and remediated automatically as soon as risks are detected. With a small team ‘signal fatigue’ was a real issue and with automated responses from Sentinel that weed out the non-incidents, the team’s time and efforts were no longer focused on weeding through thousands of detections of Indicators of Compromise (IoCs) alerts each Monday morning. Bringing in Microsoft Sentinel brought 24/7 automated incident reporting, and the ability to do remediation, without any intervention.
Further optimisations for additional security included a proof-of-concept biometric pass (Windows Hello for Business) using retina scans or fingerprints to log into DPV Health devices, as well as white-listing applications and systems (utilising Windows Defender Application control), so that only specific, allocated devices are enabled access to DPV Health systems. Enhanced Privileged Access management also now ensures that granular access control is maximised for admin users, and automatically expires after 8 hours. Access Review has also been configured to control and minimise access to the environment.
Outcome
With the continued optimisation, and improved innovations, the DPV Health team performed two security audits, with one auditor indicating they have never seen any organisation have such a dramatic uplift in Cyber Security in such a short space of time.
Further analysis of DPV Health’s Microsoft security score revealed that their security posture had increased from 52.24% to 80.91%, giving DPV Health increased confidence and protection, across Identity, devices, and applications, all whilst having zero impact to end-user productivity.
“Being a health organisation, DPV Health are constantly having to shift, in response to what is happening with the pandemic. Arinco have constantly been able to be agile, to support DPV health’s visibility and protection to implement 24/7 security and automated response, which has been important.”
– Noel Toal, CIO, DPV Health
Arinco brought the DPV Health team up to speed, ensuring that their teams were part of the process along the way, which in turn uplifted their internal threat hunting capabilities to prevent future cyber security attacks.
“Now we are looking for as much as possible for Microsoft to be the platform of choice and we are working with Arinco to migrate our servers across to Microsoft Azure, to pull together information and knowledge management, so that staff can get access to the information and data they need.”
– Noel Toal, CIO, DPV Health
“DPV Health have continued to be a dedicated customer, and the transformation program we've gone on together underpins this alliance. We're looking forward to continuing the journey and helping to modernise Healthcare services more broadly.”
– Peter Royal, Account Executive, Arinco