Daily life in most big-city hospitals is nothing like what you see on "ER," with doctors rushing around continually, dashing from patient to patient, dealing with seemingly endless crises. In fact, most staff doctors and nurses work long, tiring shifts that are often filled with mundane diagnoses and treatments, along with a lot of downtime.
Since the advent of the Internet, many medical personnel fill a good portion of that downtime with Web surfing. With little else for entertainment available, doctors and nurses scour the Web for new medical studies or data on a particularly puzzling ailment.
And, like office workers everywhere, they read news sites; shop; and, inevitably, download all manner of malware and spyware.
Corporate IT departments the world over are dealing with the growing problem of spyware, and many organizations have found more than a few PCs infected to the point where they are essentially useless.
Thats an annoyance in an insurance company or advertising agency. But in a hospital setting, where those machines are used for entering diagnoses and ordering drugs, time is of the essence, and the problem can be downright dangerous.
At Denver Health Medical Center, the Level 1 trauma center for the Rocky Mountain region, the IT staff found itself in that situation last year. The 380-bed hospital has 3,200 PCs spread through the center itself, clinics and offices. The spyware problem in the PC population was so bad that IT workers were having to reimage some machines every other month. And it was taking medical staff as long as 2 minutes to log on to other PCs using the hospitals smart-card-based, single-sign-on solution.
That kind of performance was, understandably, not acceptable, especially since the hospital was in the middle of moving to a computerized physician order entry system. And 25 percent of the calls to the hospitals help desk were related to spyware. At an average cost of $10 per call, that was adding up to nearly $5,000 per month in help desk costs.
"If you get enough spyware on a computer, it stops responding," said Jeff Pelot, chief technology officer at Denver Health. "We were using [PepiMK Softwares] Spybot [Search & Destroy] and [Lavasoft Inc.s] Ad-Aware, but it got to the point where it was quicker to reimage the machines. The doctors got so fed up that they wanted to go back to paper."
That was obviously not an option. So Pelot began looking for an enterprise-ready anti-spyware solution. He said he quickly found that his options were quite limited. Until very recently, nearly all anti-spyware tools on the market have been consumer-focused solutions that reside on individual machines and remove infections after theyve occurred.
That situation is beginning to change, with several security vendors introducing enterprise anti-spyware products in recent months. And Microsoft Corp. plans to roll out its own enterprise-ready spyware defense solution later this year; the company has already released a beta version of its consumer product.
After talking to analysts at Gartner Inc. and representatives of Computer Associates International Inc. about its new solution, Pelot decided on a 30-day trial of Blue Coat Systems Inc.s ProxySG appliance.
Blue Coats box sits between the customers internal network and the Internet and acts as a proxy for all Web requests users generate. Administrators can assemble white lists of sites users are allowed to visit, and the appliance can block access to all other sites. Customers can take the opposite approach by blocking a few sites and allowing all others.
Most important for Pelot and Denver Health, ProxySG includes an anti-spyware capability that combines several techniques. Through the use of five discrete URL-filtering databases, the appliance can block access to known adware and spyware Web sites. It can also prevent malware already resident on a PC from connecting to known undesired sites.
"Thats the kind of control we needed on the clinical machines," Pelot said. "Even the best cleaners will miss something."