White Retail Group is fighting against the trend known as 'bring-your-own applications' – or BYOA – due to security concerns, according to its IT manager.
The managed service provider for Terry White Chemists and medical centres across the east coast of Australia has also avoided the cloud due to regulations around storing sensitive patient data, White Chemist Group IT manager Darryl Roberts told Computerworld Australia.
White Retail Group has resisted BYOA, under which users can install personal applications for work purposes. Roberts described this as a battle of “trying to convince our users not to install Google Chrome.”
“What they do at home, they try and come in and do inside the network.”
To combat this, Roberts said he has set up automated alerts that detect executable changes on PCs and notify IT what has been installed, at what time and on what PC.
IT tries to keep ahead by giving users the software they need before they try to install it, Roberts said. Using system management software from Kaseya, the IT staff installs and updates important software like Adobe Acrobat Reader for its employees, he said.
In addition, the IT staff has written scripts to prevent automatic update tools that commonly come bundled with software like Java and Flash.
Roberts said he knows people need programs like Reader, but fears that if the wrong version is installed it could break something in the IT environment. That is not an acceptable risk for a company in the healthcare sector, he said.
Bring-your-own device (BYOD), the trend of employees using their personal smartphones and tablets in the workplace, is another taboo.
“Inside the health sector, it’s pretty much a no-no to bring in your own device,” said Roberts.
White Retail Group provides iPhones and allows the devices to access its e-mail server, but that’s all, he said. “Everything else in the network has to be stored locally at the site.”
White Retail Group does not store any data in the cloud. Every store has its own server and local copy of information, said Roberts.
Third-party healthcare tech vendors have largely not supported the cloud, and even if they did, Australian law strictly regulates storage of sensitive healthcare data, he said.
“At any one of our sites, we could have 100 points of ID on a patient,” Roberts said.
“It’s a different story when a local fish and chips shop loses a customer database compared to a healthcare provider losing patient information.”
Saving hours with Kaseya
Four and a half years ago, IT support at White Retail Group was outsourced to third-party providers, said Roberts. Seeking to gain greater control over IT infrastructure and service delivery, the company recruited Roberts.
Including Roberts, the IT staff today comprises two full-time staff and one part-time person who has been helping with a migration to Windows 7. The compact team relies on automated service desk and IT systems management system software from Kaseya to support 35 sites.
Roberts said he considered a few options, but chose to deploy Kaseya largely for its automated scripting functionality, which has delivered a good level of resilience.
“For example, if the EFTPOS server is down, it reroutes it out to another one on the Internet without me even knowing,” Roberts said.
Scripts are easy to write thanks to a drag-and-drop interface, he added.
Roberts said the software has saved his team a significant amount of time setting up and updating PCs.
“We just drop an agent on a PC, put in the right group, and it applies exactly what should be on that PC,” he said. “Bringing that standard across the board when you’ve got 35 identical sites saves hours.”
While Kaseya can be operated inside the cloud, White Retail Group runs the software on premise for greater security, said Roberts.
“Yes, I’ve got to maintain another box inside the network, but it means I can feel comfortable knowing that my stuff is only on my stuff, and I don’t have to worry about some other person pulling it down or trying to do an attack.”
Kaseya announced a new version – 7.0 – of its software earlier this month. Roberts said he was most excited about its network monitoring module.
“Being able to actually see what’s going on in the network across multiple devices is a really positive step,” he said.
“Instantaneous access to an end-user’s network and full visibility across the various sites and their systems is going to be a significant efficiency saving for us.”