The DLP Argument for VDI in Healthcare

David Ting
Feb 03, 2012

Steve Coplan of The 451 Group recently published a terrific report on Virtual Desktops that examines the intersection of management and security. The report (subscription required) does a great job of capturing how far virtual desktops have come in enabling productivity and efficiencies, while also emphasizing the security needs that these environments must meet. It’s definitely worth a read so be sure to check it out.

Steve hit the nail on the head in describing the importance of user authentication in securing virtual desktops. This is especially relevant in healthcare, which is rapidly adopting virtual desktop access (VDA) to improve clinician productivity and secure patient data. We were also pleased that Steve mentioned the work Imprivata is doing with VMware around fast, seamless user access for virtual desktops:

One of the early movers in this area in both tying strong authentication to SSO and embedding its technology into the virtualized desktop agent, specifically VMware View, is Imprivata.

Imprivata has made the astute decision to build VDI support into what we have described as its authentication management middleware, and frame it as one element within the scope of its technology. Imprivata has integrated features for VDI session security, including authentication management, SSO access to applications, user roaming and location awareness, as well as user audit and compliance reporting. The company has not productized the VDI features, instead slotting them into its OneSign appliance – which is also now available as a virtualized version – since it views VDI as part of a broader set of authentication management requirements.

This report reflects many of the conversations we’ve had with our customers. Healthcare organizations evaluating or moving towards a VDA environment are driven not only by cost/ROI reasons but in many cases the desire to reduce exposure to data breaches, improve clinician productivity and support greater mobility of the clinical desktop.

The data loss prevention (DLP) argument is one that is becoming relevant in healthcare because of the public nature of most healthcare organizations and the penalties/damages associated with patient record breaches. Recently enacted privacy regulations around breach disclosures have forced many organizations to rethink how they are securing patient data. Many hospitals have moved to using thin clients to eliminate the need to have any patient data on public facing computers to reduce exposure if the computer is lost or stolen.

The mobile nature of a clinician’s workflow in a hospital setting forces a clinician to constantly logon and logoff the shared computers spread throughout the hospital. Needless to say this activity is viewed by the clinicians as reducing the time spent taking care of the patient. The ability for the clinician to roam from workstation to workstation and rapidly reconnect to an already-running session has tremendous impact on clinician satisfaction and productivity. We’ve done specific integration with VMView to support the roaming workflow described above and this has been well received in a hospital setting especially when combined with location based services.

From a future-proofing perspective, the ability for a healthcare organization to deliver the same desktop on any device is perhaps the most compelling driver to consider Virtual desktops as clinicians want access to the same applications from their clinics, home offices or while they are on the road. This trend is only starting as many hospitals are now evaluating how they can support the iPad for clinical use.

At the upcoming VMworld Aug. 31-Sept. 2 in San Francisco, we’ll be demoing some exciting capabilities for secure “follow-me desktops” and VDA in healthcare environments. If you are going to at the event, come by our booth (#441) and see how secure virtual desktops can help your organization. We’d love to talk to you!