Welcome!

Linux Containers Authors: Liz McMillan, Pat Romanski, Elizabeth White, Richard Hale, XebiaLabs Blog

Related Topics: Linux Containers

Linux Containers: Article

Catholic Healthcare West Reduces Costs with Standardized Identity Management

Standards-based Linux-hosted directory services displaces Microsoft Active Directory

With more than 40 locations, Catholic Healthcare West was managing user identities across hundreds of applications running on multiple platforms. A streamlined identity management solution running on Linux has increased security and improved regulatory compliance, while dramatically reducing costs.

Overview
Catholic Healthcare West (CHW), headquartered in San Francisco, is the eighth largest hospital system in the nation and, with more than 9,500 beds, the largest not-for-profit hospital provider in California. The CHW network of more than 7,500 physicians and approximately 40,000 employees provides quality healthcare services for more than four million patient visits annually.

Challenge
As with many healthcare organizations, many of Catholic Healthcare West's facilities had locally developed information systems and software. As a result, it was managing disparate systems and platforms across 40 hospitals and medical centers. Each location also had its own way of managing network access and user identities for nearly 1,400 applications.

To streamline IT operations, CHW wanted to move away from proprietary platforms and create a standardized, open environment. The organization also wanted to create a standard approach to identity and access management that would increase security and meet regulatory requirements, while still giving physicians and staff fast access to applications.

Solution
After thorough research, including talking to many customers who had implemented identity management across a large enterprise, Catholic Healthcare West selected a Novell identity and access management solution to run on SUSE Linux Enterprise Server.

"A solution based on open standards fits our model of doing business," said Eric Leader, chief technology architect for Catholic Healthcare West. "Healthcare procedures are not proprietary, and information concerning how best to meet the needs of our patients is freely shared among caregivers. Because we work in an open community, it makes sense for us to have an open environment."

CHW consolidated all of its directories and migrated its Windows NT domains to Novell eDirectory to manage 20,000 user identities. Novell Identity Manager synchronizes user identity information across applications running on multiple platforms including Microsoft Windows, Linux, and multiple versions of Unix.

"Many of our applications require Microsoft Active Directory, but we were uncomfortable standardizing on a proprietary platform," Leader said. "Novell eDirectory supports open standards and allows us to manage identities across our diverse environment."

With centralized identity management, CHW can provision users three times faster, giving them immediate access to the applications they need. Users even have a single ID and password for many applications that are integrated with eDirectory. CHW will also be using Novell SecureLogin to give users single sign-on access to applications that are not LDAP-enabled.

Centralized identity management has greatly improved the organization's overall security and ability to comply with HIPAA, Sarbanes-Oxley, and other regulatory requirements. Using Novell Audit, CHW can conduct timely audits to track who is accessing information and when. The IT staff can also immediately revoke network access when employees leave the organization.

"We operate in a highly regulated environment where the requirements are always changing," Leader said. "We simply had to consolidate identity management or we would see a huge increase in time spent managing regulatory issues. The identity and access management solution provided by Novell helps us stay ahead of the curve."

CHW runs its Novell identity management solution on 30 SUSE Linux Enterprise Servers and HP hardware, and also runs several mission-critical systems on Linux, including Oracle databases, software distribution, claims management, and digital image archives.

"Microsoft licensing became too burdensome, so we looked for lower-cost alternatives and found that many of our large vendors were providing support for Linux and open source," Leader said. "As we purchase new software, we look for vendors who run on Linux. Eventually, we would like to run our entire organization on Linux."

A solid disaster recovery strategy is also an integral part of HIPAA compliance. With SUSE Linux Enterprise Server, CHW is implementing redundant systems faster and at a lower cost than with proprietary platforms.

"The flexibility we have with SUSE Linux has exceeded our expectations," Leader said. "There is no way we could keep up with rapid change if we continued to manage proprietary platforms. We now have a cost-effective way to remain compliant and maintain high availability."

Results
With a Novell identity and access management solution, Catholic Healthcare West centralized identity management across its diverse enterprise and reduced initial user administration time by 70%. The organization has increased security with role-based access, auditing capabilities, and streamlined provisioning and deprovisioning to immediately grant or revoke access.

"Before implementing the Novell solution, we provisioned users in a hundred different ways," Leader said. "We didn't think we could streamline this process without substantially increasing our staff. With the Novell solution, we have a high-quality, yet cost-effective solution that actually frees up much of our staff to work on other projects."

Running SUSE Linux Enterprise server has improved performance for several mission-critical systems, while significantly reducing hardware costs and reducing server administration time by 25%. The organization anticipates an estimated cost savings of $1.5 million.

"Novell's support for Linux has been excellent," Leader said. "We've now moved Linux from a hypothetical idea to a mission-critical platform in our organization."

More Stories By Linux News Desk

SYS-CON's Linux News Desk gathers stories, analysis, and information from around the Linux world and synthesizes them into an easy to digest format for IT/IS managers and other business decision-makers.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.
CenturyLink has announced that application server solutions from GENBAND are now available as part of CenturyLink’s Networx contracts. The General Services Administration (GSA)’s Networx program includes the largest telecommunications contract vehicles ever awarded by the federal government. CenturyLink recently secured an extension through spring 2020 of its offerings available to federal government agencies via GSA’s Networx Universal and Enterprise contracts. GENBAND’s EXPERiUS™ Application...
"My role is working with customers, helping them go through this digital transformation. I spend a lot of time talking to banks, big industries, manufacturers working through how they are integrating and transforming their IT platforms and moving them forward," explained William Morrish, General Manager Product Sales at Interoute, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
Big Data engines are powering a lot of service businesses right now. Data is collected from users from wearable technologies, web behaviors, purchase behavior as well as several arbitrary data points we’d never think of. The demand for faster and bigger engines to crunch and serve up the data to services is growing exponentially. You see a LOT of correlation between “Cloud” and “Big Data” but on Big Data and “Hybrid,” where hybrid hosting is the sanest approach to the Big Data Infrastructure pro...
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discussed how businesses can gain an edge over competitors by empowering consumers to take control through IoT. He cited examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He also highlighted how IoT can revitalize and restore outdated business models, making them profitable ...
We all know the latest numbers: Gartner, Inc. forecasts that 6.4 billion connected things will be in use worldwide in 2016, up 30 percent from last year, and will reach 20.8 billion by 2020. We're rapidly approaching a data production of 40 zettabytes a day – more than we can every physically store, and exabytes and yottabytes are just around the corner. For many that’s a good sign, as data has been proven to equal money – IF it’s ingested, integrated, and analyzed fast enough. Without real-ti...
I wanted to gather all of my Internet of Things (IOT) blogs into a single blog (that I could later use with my University of San Francisco (USF) Big Data “MBA” course). However as I started to pull these blogs together, I realized that my IOT discussion lacked a vision; it lacked an end point towards which an organization could drive their IOT envisioning, proof of value, app dev, data engineering and data science efforts. And I think that the IOT end point is really quite simple…
With 15% of enterprises adopting a hybrid IT strategy, you need to set a plan to integrate hybrid cloud throughout your infrastructure. In his session at 18th Cloud Expo, Steven Dreher, Director of Solutions Architecture at Green House Data, discussed how to plan for shifting resource requirements, overcome challenges, and implement hybrid IT alongside your existing data center assets. Highlights included anticipating workload, cost and resource calculations, integrating services on both sides...
"We are a well-established player in the application life cycle management market and we also have a very strong version control product," stated Flint Brenton, CEO of CollabNet,, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
The IoT has the potential to create a renaissance of manufacturing in the US and elsewhere. In his session at 18th Cloud Expo, Florent Solt, CTO and chief architect of Netvibes, discussed how the expected exponential increase in the amount of data that will be processed, transported, stored, and accessed means there will be a huge demand for smart technologies to deliver it. Florent Solt is the CTO and chief architect of Netvibes. Prior to joining Netvibes in 2007, he co-founded Rift Technologi...
Unless your company can spend a lot of money on new technology, re-engineering your environment and hiring a comprehensive cybersecurity team, you will most likely move to the cloud or seek external service partnerships. In his session at 18th Cloud Expo, Darren Guccione, CEO of Keeper Security, revealed what you need to know when it comes to encryption in the cloud.
We're entering the post-smartphone era, where wearable gadgets from watches and fitness bands to glasses and health aids will power the next technological revolution. With mass adoption of wearable devices comes a new data ecosystem that must be protected. Wearables open new pathways that facilitate the tracking, sharing and storing of consumers’ personal health, location and daily activity data. Consumers have some idea of the data these devices capture, but most don’t realize how revealing and...
What are the successful IoT innovations from emerging markets? What are the unique challenges and opportunities from these markets? How did the constraints in connectivity among others lead to groundbreaking insights? In her session at @ThingsExpo, Carmen Feliciano, a Principal at AMDG, will answer all these questions and share how you can apply IoT best practices and frameworks from the emerging markets to your own business.
Basho Technologies has announced the latest release of Basho Riak TS, version 1.3. Riak TS is an enterprise-grade NoSQL database optimized for Internet of Things (IoT). The open source version enables developers to download the software for free and use it in production as well as make contributions to the code and develop applications around Riak TS. Enhancements to Riak TS make it quick, easy and cost-effective to spin up an instance to test new ideas and build IoT applications. In addition to...
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
Extracting business value from Internet of Things (IoT) data doesn’t happen overnight. There are several requirements that must be satisfied, including IoT device enablement, data analysis, real-time detection of complex events and automated orchestration of actions. Unfortunately, too many companies fall short in achieving their business goals by implementing incomplete solutions or not focusing on tangible use cases. In his general session at @ThingsExpo, Dave McCarthy, Director of Products...
Ask someone to architect an Internet of Things (IoT) solution and you are guaranteed to see a reference to the cloud. This would lead you to believe that IoT requires the cloud to exist. However, there are many IoT use cases where the cloud is not feasible or desirable. In his session at @ThingsExpo, Dave McCarthy, Director of Products at Bsquare Corporation, will discuss the strategies that exist to extend intelligence directly to IoT devices and sensors, freeing them from the constraints of ...
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, discussed the importance of WebRTC and how it enables companies to focus...
The best-practices for building IoT applications with Go Code that attendees can use to build their own IoT applications. In his session at @ThingsExpo, Indraneel Mitra, Senior Solutions Architect & Technology Evangelist at Cognizant, provided valuable information and resources for both novice and experienced developers on how to get started with IoT and Golang in a day. He also provided information on how to use Intel Arduino Kit, Go Robotics API and AWS IoT stack to build an application tha...