With CYRISMA, ConnextCare was able to reduce complexity, find security gaps easily, and get closer to compliance
ConnextCare has been providing family-oriented heath care services to the residents of Oswego, New York and surrounding counties for over 50 years. The healthcare organization values each of its patients, their privacy, and recognizes the costs associated with health care services. It strives to provide comprehensive, affordable, and premier health care and support services to the communities it serves.
The Problem
The on-prem cyber risk management solution that ConnextCare used before CYRISMA was too time- and effort-intensive for their small InfoSec team
ConnextCare was looking for an alternative to its on-prem cyber risk management solution, which was difficult and time-consuming to manage. Kenneth Martin, Director of Information Services at ConnextCare, says that as a small organization with limited IT security resources, they didn’t see value in maintaining on-site servers. The Nessus Tenable server that they were using before CYRISMA took more time and effort to manage than they had the bandwidth for. They were in the market for a cloud-hosted risk management solution when they first tested CYRISMA.
The Solution
CYRISMA’s SaaS platform was ideal for ConnextCare because it was cloud-deployed, easy to use, and combined multiple risk management features. It also helped ConnextCare get closer to compliance.
Interestingly, ConnextCare was one of CYRISMA’s first test subjects. CYRISMA was developed with the vision of making high-quality cybersecurity technology accessible to businesses of all sizes, and some of its initial test runs were in ConnextCare’s environment. “We did find some bugs in those first test scans… anything we found was resolved within two hours”, says Martin.
CYRISMA’s SaaS platform was ideal for ConnextCare because it was easy-to-use and deploy, didn’t require on-prem servers, and was effective at finding and managing security gaps and vulnerabilities.
In its initial days of switching to CYRISMA, ConnextCare used the Vulnerability Management and Secure Baseline features quite a bit. The Baseline scans helped them with PCI compliance, with the scan results showing them exactly what they needed to fix and the processes and procedures to do that. This meant that the team no longer had to spend additional time researching mitigation methods manually.
Martin also finds the Sensitive Data Discovery feature extremely useful for the industry they are in. ConnextCare deals with a lot of patient records, and staff members create multiple reports in the course of a day. There is an ever-present potential for human error. CSV and Word files containing sensitive patient data may be left exposed or unprotected. This is where CYRISMA’s Data Discovery feature helps – it enables the IT team to find all such exposed files by running a simple scan, provides mitigation options, and reduces the team’s workload significantly. It also helps ConnextCare get closer to compliance objectives.
The recently introduced Active Directory Monitor feature, too, is already showing results. In a small team where no one is an Active Directory specialist, the functionality to scan Active Directory helps find vulnerabilities that may otherwise have gone unnoticed, and enhances overall visibility and security.
About the Risk Assessment Reporting and Scorecards features, Martin says that they couldn’t be happier because everything they need is right there. The reports are well laid-out and provide all the information the team needs at a glance. They don’t have to expend extra effort to go searching for information, and if they need to drill-down into something, they can easily do that.
“Everything is right there. I don’t have to go searching for something. If I want to drill-down, it’s right there. Not having to search saves a ton of time.”
– Kenneth Martin, Director of Information Services at ConnextCare
Martin also loves the customer support offered by CYRISMA’s team. “Any time I have had a question it was answered promptly and professionally”, he says.
Overall, Martin gives a five-star rating to CYRISMA because of the value his team has been able to derive from the platform, the speed with which issues can be found and resolved, and the excellent support quality. ConnextCare was one of CYRISMA’s first customers, and it continues to see benefits as the threat landscape changes and the platform evolves.