Integrated Winfrasoft system solves access and security issues
Liverpool Heart and Chest Hospital NHS Foundation Trust has joined forces with Winfrasoft to improve security of and access to its IT network.
A specialist cardiothoracic hospital, the trust sees 60,000 outpatients and carries out 12,000 inpatient procedures ever year.
We have introduced an integrated remote access, security and authentication solution that reduces log on time from around 10 minutes to less than one minute
In the past it had used a VPN-based remote access system which involved a convoluted five-stage log-on and authentication process, including the use of a hard token, meaning it could take up to 10 minutes to gain entry.
“This was deterring many people from using the service,” said IT operations manager, Matt Connor. “We needed to find a replacement that would combine high levels of security, authentication and verification to protect our systems and the confidential data residing on them, with a straightforward, reliable and quick sign-in process to encourage widespread usage.”
The solution, delivered by Winfrasoft partner, Sapphire, uses Winfrasoft’s Unified Access Gateway and Threat Management Gateway appliances, integrated with the ground-breaking 1.5 Factor Authentication (1.5FA) technology software solution, Winfrasoft PINgrid.
As part of a long-term IT plan, the trust has already rolled out Windows 7 and has invested in a large number of iPads as part of its plan to reduce paper. It also advocates a Bring Your Own Device (BYOD) policy, so the solution needed to be flexible enough to cover all devices.
Connor said: “The 1.5FA approach offers the perfect fit for a BYOD strategy. It means authorised staff can get fast and secure access from any device anywhere and our systems are fully protected at all times.”
As a result of the deployment, when a member of staff needs to log on they simply open their browser, type in the URL to launch the portal and are presented with a screen that asks them to provide their username, password and PINgrid passcode. On the right of the screen is PINgrid - a six-by-six grid comprising randomly generated numbers between 0-5 that delivers 2.1 billion possible combinations. The user simply types in the numbers that correspond to their pre-arranged easily-memorable pattern to enter a one-time code.
The team, whether clinical or clerical, can have access to the right information at the right time, improving the efficiency and effectiveness of our processes and ultimately the quality of service we deliver to all of our patients
PINgrid is also a future-proof solution, as should the trust wish to introduce 2FA for access to certain resources, they can easily roll out PINgrid as an app, transforming any mobile device in to a soft token.
Since introducing the system, the trust has reported a significant uptake in the number of staff choosing to logon remotely, with 140 current active users. Procurement staff can now log on and sign-off orders, radiologists have easily access to the picture archiving and communication system (PACs) to review X-rays, and management teams are able to easily access important documents and emails when offsite. The scalability and administration also makes it easy to add and remove users, especially as there is no longer a need to issue costly hard tokens.
Connor said: “Using UAG, TMG and PINgrid for 1.5FA we have introduced an integrated remote access, security and authentication solution that reduces log on time from around 10 minutes to less than one minute and provides the protection we need. The team, whether clinical or clerical, can have access to the right information at the right time, improving the efficiency and effectiveness of our processes and ultimately the quality of service we deliver to all of our patients.”