Riverside Medical Center:
Dispensing MDM to Prevent Data Leaks
" Company: Riverside Medical Center, Kankakee, Ill. A 325-bed hospital that provides both inpatient and outpatient care.
" Key numbers: 2,400 users; 300 company-supported mobile units.
" Devices supported: Riverside owns and manages some 300 mobile devices, a mix of Android tablets and phones and iPhones and iPads, all of which are supported by IT. Some users, including visiting doctors, also bring in their own devices; depending on their role, IT may provide them with some base support.
" How BYOD happened: If BYOD is what doctors and medical staff are demanding, then Riverside has little choice but to ride the wave. "We have to support anything because the hospital three blocks down the street does, and doctors and nurses have a choice of where to work," says CISO Erik Devine. "We have to be flexible -- it's almost like a recruiting tool."
" How it's coping: Some users, including home healthcare professionals, are issued corporate tablets, secured and managed via McAfee's Enterprise Mobility Management (EMM) software. EMM lets the IT department restrict the apps and content that can be loaded onto a device, deploy two-factor authentication and remotely wipe devices if they are misplaced or stolen.
Other employees can use personal devices to access corporate resources like email and certain areas of the hospital's healthcare management system -- provided they sign an agreement and install EMM on their devices, according to Devine. Doctors on temporary assignments at the hospital may access noncritical resources through the guest network, as can workers who want to use their own devices but don't want to install EMM.
The biggest concern with BYOD is data leakage, Devine says. Even if visiting doctors install the requisite MDM client to gain access to hospital systems, Riverside has limited control over what they do with that information later on. "When a doctor comes in and accesses resources to do the job, we don't know what they do with the data after they're done," he says. "You have to open up doors for BYOD, but essentially you're opening doors you closed a couple of years ago."
[If] we have to manage 600 devices next year... I want to find a robust system that hits all my points.
" What's on the horizon: Development of a captive portal for the guest network is in the works. It will give IT more control by, among other things, making it possible to capture more data about devices that log on to the hospital network. Riverside is also evaluating MDM alternatives that will support more granular security policies and more readily accommodate new devices.
Sign up for Computerworld eNewsletters.