The Opava Psychiatric Hospital decided to change its IT solutions in order to improve data security but also to deal with obsolescent IT equipment, which meant a further threat in terms of cyberattacks. The hospital complex includes over 20 buildings, many of which the physicians have to visit on a daily basis. During their working hours they have to switch between different computers and log in to each of them. The nurses’ offices are usually equipped with a single PC, shared by several employees. There are over 300 end devices in the hospital, with up to 700 users working on them.
The hospital eventually opted for an on-premises infrastructure solution, in a proprietary datacenter, using the Citrix Virtual Apps and Desktops superstructure, which offers a virtually endless variability of use in a secured environment. The delivered system has moved security to a new level; sensitive data is protected from theft, abuse and cyberattacks. The employees have received an easy login solution and user interface that facilitates the delivery of their work tasks and simplifies the administration of the entire system.
Above standard protection of sensitive data
Data is stored in servers at the hospital’s datacenter, not directly in the end devices, even during their processing so that there is no risk of data abuse if an end device gets lost or stolen. The thin IGEL clients, which have been used in this solution, are locked away from security threats and are much harder to attack compared to the commonly used computers.
Access to applications and data is encrypted and the user communicates with the servers remotely using the Citrix Virtual Apps and Desktops technology. A watermark function displays the username and other data on the screen, continuously reminds staff that they are using sensitive protected data and prevents data leaks through screen capture methods, for example, photography.
Other goals include creating a common, intuitive user experience across disparate platforms, combined with strong but simplified security.
Easy user access with advanced security level
Users log in to their accounts in the Citrix StoreFront solution. To do so they just need to touch the device with an access card that they also use to move between buildings and individual wards. Verification of the authorized user is done regularly through requests for entering a PIN code.
Through this, data protection is ensured in the nurses’ offices where every worker can easily and quickly log in and log out of their accounts, as well as during the physicians’ standard work. Thanks to the ‘Follow-Me Desktop’ function they can, for instance, start writing a medical report in their office, leave it while they attend patients, and finish it upon logging-in at another ward. Moreover, they will find their user interface and running applications in exactly the same state as they had left them.
Simplified IT system administration
The Citrix solution with Provisioning Services technology allows for the creation of several virtual desktops from a single image of the operating system. These virtual worktops exist only in the system’s memory, so in case of a cyberattack the threat is eliminated by a simple shutdown of the server. Any IT employee can then simply, in an automated way, create new virtual desktops that will be protected against that attack. All that without compromising the workflow, continuity or user data in the system.