THE COMPANY

INTEGRIS Health, a not-for-profit corporation founded in 1983, is Oklahoma’s largest health system with hospitals, rehabilitation centers, physician clinics, mental health facilities, independent living centers and home health agencies throughout much of the state. The corporation is also one of the state’s largest private employers with approximately 9,000 employees. Collectively, the entities within INTEGRIS Health maintain more than 1,500 licensed beds and have medical staffs that number approximately 1,400 physicians.

THE CHALLENGE

As INTEGRIS Health planned to consolidate close to 50 separate electronic medical record systems spanning its healthcare network into a centralized Epic system, Senior Systems Engineer Jason Hayes and his team faced a major challenge. “Epic requires a Linux back-end environment, so we needed to expand to about 60 Linux servers fairly quickly,” Hayes explains. “Previously, we primarily utilized AIX and Solaris, but to accommodate the growth for the Epic project, we planned to deploy most of the systems on the Red Hat Linux operating system.”

Approximately 400 application design, support and admin personnel as well as medical personnel that would consult on the Epic user-interface system would eventually need access to the Linux servers. Given that INTEGRIS Health must operate under HIPAA compliance regulations, the security and policy controls that would manage the Linux servers would play a major role as the organization must always be prepared for potential audits.

THE SOLUTION

To take on this challenge, Hayes and his colleagues closely examined BoKS® Server Control from FoxT as well as Centrify and BeyondTrust. For the new server control solution that would help manage and protect the Epic servers running on Linux, INTEGRIS Health sought several key capabilities:

• Integration with Active Directory for both users and groups.• Discreet privilege escalation management across multiple systems—with the

ability to specify commands and options.• Compatibility with the security-enhanced Linux kernel module for supporting

access control security policies.

SOLUTION SUMMARY

CUSTOMER TYPEHEALTHCARE

CHALLENGEMANAGING USER ACCOUNTS FOR ELECTRONIC MEDICAL RECORD SYSTEM RUNNING ON LINUX SERVERS WHILE ALSO IDENTIFYING AND MITIGATING RISKS IN ORDER TO COMPLY WITH HIPAA REGULATIONS.

SOLUTION BoKS SERVER CONTROL

KEY BENEFITSACCELERATED DEPLOYMENT OF USERS AND USER GROUPS ONTO LINUX SERVERS.

REDUCES TIME TO GIVE USER GROUPS NEW PRIVILEGED ACCESS TO EXISTING SERVERS.

DECREASES TIME TO ASSIGN USERS AND ADD NEW SYSTEMS TO THE SERVER NETWORK.

HELPS IDENTIFY AND MITIGATE SYSTEM VULNERABILITIES.

INTEGRIS Health Turns to FoxT to Streamline Linux Server Management and Mitigate System Vulnerabilities CASE STUDY | HEALTHCARE

• Compliance with HIPAA regulations.• Controls over local accounts and domain accounts

“The product demonstrations provided by each software firm and a review of the capabilities that each solution offered differentiated BoKS Server Control as the only one that met all the requirements,” Hayes reveals.

“The solution also streamlines the process for adding local accounts to systems and controls the adding of the access route for the local accounts,” Hayes adds. “This is a critical security feature as it prevents someone from using an account with root access to create a new account with privileges.”

Hayes also particularly appreciates the privilege escalation management feature offered by BoKS Server Control. This eliminates the need to manage a sudoers file on every single system. “We were so impressed during the demonstration that we did not need to run any on-site tests,” Hayes says.

THE RESULTS

After working through the initial accelerated deployment, Hayes and his team have benefited from the day-to-day capabilities that BoKS Server Control provides in managing the Linux server environment. “Privilege escalation management and centralized sudo management are particularly huge benefits,” Hayes emphasizes.

On an almost daily basis, Hayes and his team receive requests for a group of users to gain privileged access to one or more systems. Rather than having to manually edit the sudoers file on each system every time there’s a change, they can go into the BoKS Server Control console and add any program group that is needed.

The team can also set the duration for how long the group will be active and the specific users for which each system is activated. The granted access is then automatically pushed out to all the pertinent systems, and the users can instantly connect.

“Gaining this capability means we no longer have to log into each server and edit the sudoers file, keep track of the changes, and then remember to undo the access after the duration expires,” Hayes adds. “This probably saves us about 30 minutes per system every time we need to make such a change—and usually we need to do this for anywhere from 6-30 systems. All that time adds up.”

BoKS Server Control is also a big time saver any time Hayes and his team roll out a new system. “We just add the system, note the correct groups, and all the accounts that are needed for that system are automatically added,” says Hayes.

ABOUT FOXTFox Technologies, Inc. helps companies protect corporate information assets with network security and access management software as well as striving to simplify compliance and streamline administration with an award-winning access management and privileged account control solution. Our access management software centrally enforces granular access entitlements in real time across diverse server environments.

To learn more about Fox Technologies, please visit us at: www.foxt.com

CONTACT INFONorth America3300 Eagle Run Drive NE, Suite 202Grand Rapids, MI 49525+1 877 818 3698 (Toll Free)

SwedenFoxT Sweden ABKungsängsgatan 18ASE-753 22, Uppsala+46 18 16 00 00 (Main)

United Kingdom400 Thames Valley ParkReading , Berkshire RG6 1PT+44 1189 637 681 (Main)

www.foxt.com | info@foxt.com

INTEGRIS HEALTH TURNS TO FOXT TO STREAMLINE LINUX SERVER MANAGEMENT