Few organisations have the capacity to impact life more than organ, eye, and tissue donor services, which connect the donors who make transplantation possible with patients whose lives are saved or enhanced by these gifts. DCI Donor Services (DCIDS) is a family of companies founded in 1971 that includes a tissue bank, eye bank, and organ procurement locations with 11 offices in Tennessee, California, and New Mexico. DCIDS supports potential donor families and provides care for them throughout the donor process.
DCIDS’s mission, vision, and values are summed up through their commitment to save and enhance lives. They connect people through organ donation and transplantation, as well as through their commitment to science, health, and hope. DCIDS’s mission is realised by mobilising the power of people and the potential of technology to extend the reach of each donor’s gift.
Given the sensitive nature of its lifesaving and life-enhancing operations, DCIDS is available for donors and patients around the clock, 365 days a year. In order to support an always-on network and protect the safety of patient information, DCIDS uses a traditional on-site IT environment. This includes a mix of physical and virtual servers, with plans to virtualise the majority of its servers in the future. However, supporting 300 users across the nation, operating between 400-500 computers, laptops, and other mobile devices in the field without central security management was becoming challenging and costly for the IT team.
Without a high level of visibility, DCIDS wasn’t confident its security vendor was automatically updating the machines with the latest security patches, leaving the organisation vulnerable to attacks. “Our time wasn’t being put to good use because our security was consistently outdated and overmatched,” said Greg Bell, IT director of DCIDS. “We were constantly checking it.”
That made detecting attacks a big issue for DCIDS. “Given the poor performance of our machines, we realised our previous vendor wasn’t detecting as many threats as they should have,” said Taylor Atkins, System administrator for DCIDS. “We needed a far more effective and flexible solution for our environment.”
In addition to protecting its IT environment, DCIDS must also comply with strict healthcare regulations. Processing and distributing donor tissue and organs follows stringent safety guidelines and government mandates such as HIPAA. “We’re committed to maintaining public trust by providing the best possible security for all patient health information, including donors and recipients,” said Bell. “We wanted a solution that would help us ensure compliance and public trust.”
In addition to ensuring compliance, DCIDS wanted a security vendor that would support its planned virtual desktop infrastructure (VDI) implementation and keep its costs in check. “Our IT security costs were beginning to rise, and as we moved closer to a VDI environment, it was clear our previous vendor could not provide an effective solution at an affordable price point,” said Bell.
Finally, because organ donation is stressful for families, DCIDS is committed to providing exemplary customer service to its donors and patients. DCIDS wanted this same level of customer service from its security vendor. Unfortunately, support from its prior vendor was inconsistent.
“We experienced a ransomware attack on a machine that had our prior security vendor installed on it. Fortunately, Trend Micro not only detected the attack, they protected the rest of the network and helped us quickly resolve the issue.”
System administrator, DCIDS
“One time we called their tech support and got a technician who was just completing his shift. Rather than transferring us to another technician he told us to call back and then hung up on us,” said Atkins. “We want customer service that responds to our needs.”
Today, DCIDS uses Trend Micro to protect its entire IT environment. Trend Micro Deep Security provides a comprehensive security platform that protects the company’s physical and virtual servers from data breaches and business disruptions—and achieves cost-effective compliance across these environments.
Trend Micro Deep Security also offers DCIDS the flexibility it needs to respond in an evolving threat environment with tightly integrated modules for anti-malware, web reputation, firewall, intrusion prevention, integrity monitoring, and log inspection. “Deep Security’s agentless security is a big advantage for us. It doesn’t hinder the performance of our servers, shields us from attacks, and secures our virtual desktop environment,” said Bell.
To protect its end users against the latest threats, DCIDS deployed Trend Micro OfficeScan for endpoint protection. OfficeScan protects physical and virtual desktops, laptops, and mobile devices with cloud-based global intelligence, integrated data loss prevention, and a virtualisation-aware client that improves endpoint performance across the organisation.
For DCIDS, one important feature of OfficeScan was the centralised security management that enables enhanced visibility and control. “Central management of IT security was essential for us because it let us monitor our endpoints and users, and gave us back the time to focus our attention on more important, customer-facing projects,” said Bell.
”Our reputation is very important to our public trust. Securing patient health information across all IT environments is a top priority for us.”
IT director, DCIDS
To get mail server protection for inbound and outbound data that covers their entire internal and mobile workforce, DCIDS deployed Trend Micro ScanMail for Microsoft® ExchangeTM. ScanMail provides document exploit detection, enhanced web reputation, and sandboxing to protect DCIDS from malware and other security breaches. “Our email environment covers thousands of miles from Tennessee to California,” said Atkins. “It requires comprehensive security like ScanMail to stop spam, malicious URLs, and advanced threats.”
Why Trend Micro
After reviewing security solutions from a number of vendors, DCIDS selected Trend Micro for a number of reasons. “We’re a small company but we have enterprise-size security requirements. Trend Micro was the only vendor that understood our needs,” said Bell. “They helped us see how their solutions would solve our security challenges and support our business for the long term.”
One of the deciding factors for Bell was the broad range of security services that Trend Micro offered, including the centralised management that protected DCIDS’s endpoints and physical and virtual servers with powerful cloud-based protection from viruses, malware, and advanced threats. Another factor was Trend Micro had VDI security that could support DCIDS’s ongoing move towards virtualisation.
“We found Trend Micro solutions easy to use and they provided advanced security capabilities that our prior vendor lacked,” said Atkins. “And because Trend Micro was an authorised VMware solution provider and we planned to deploy VDI on a VMware platform, the choice for us was easy.”