The challenge

VITAS has two main user groups that participate in its mobility program. The first is its patient care staff. They are in the field, primarily working with patients in their homes so mobile devices allow them to gain remote access to information relevant to the patient. The devices are a means of connecting back to the company’s main database where its staff can update patient records and prescribe drug orders for patients. Mobility is critical in delivering patient care at VITAS.

“Senior leadership in the company wanted more detail on how the devices were being used by employees – were they being used in a meaningful manner as we intended, or are they being used in a manner where it’s just a luxury item? I didn’t have an answer to clearly demonstrate how devices were being used so I went on a search looking for a tool that would allow me that visibility.”

– Naresh Samlal, AVP, IT Support

The second group is closer aligned to VITAS’ sales force and its members are responsible for business development and sales activity. Because of the nature of their work, they use devices when they are on the move to access emails and corporate resources.

The IT team at VITAS was looking for visibility into how devices were being used in order to make more informed policy decisions. As the IT team issued mobile devices, they wanted to make sure those devices were being used for the intended purpose and not for accessing risky content or data-hungry streaming services

Wedlake Bell

Company profile

VITAS Healthcare is the largest provider of hospice and palliative care
in the United States. 12,000 VITAS professionals including doctors, nurses and home health aides provide care and medical supplies and medications
to more than 17,500 patients daily. Headquartered in Miami, Florida, VITAS operates 93 locations across 14 states and the District of Columbia.

Visit their website

The solution

When the IT team started researching and evaluating mobile data management vendors, they stumbled upon Wandera via an internet search. Coincidentally, this was shortly before Wandera was also presented to them by VITAS’ primary carrier. Having that validation from the carrier – who already understood its needs as a business – made Wandera an obvious choice for the next step; a proof of concept (POC). VITAS evaluated other vendors but those vendors weren’t able to provide the same real-time usage analytics and policy enforcement capabilities that VITAS was looking for.

VITAS already had a full mobility management program with VMware AirWatch in place to manage the devices, so finding a solution that could integrate with AirWatch was important. Wandera has been designed to work alongside AirWatch, integrating the strengths of multi-level visibility with a sophisticated array of tools to control and adjust devices. With the combined power of both technologies, new insights on the security and status of every device can be surfaced at the device, application or data level. These insights can then be responded to using the combined functionality of both platforms.

AirWatch customers can efficiently deploy Wandera over-the-air across any number of enterprise mobile devices directly from the AirWatch console. For fleets made up of iOS supervised devices, like VITAS’, this deployment is zero-touch, requiring no input from the user.

“Wandera provided us the flexibility to allow some of these video and audio streaming, but limit their use to Wi-Fi only or block them in their entirety at management’s discretion. This flexibility was instrumental in maintaining productivity, policy enforcement and controlling costs, all the while providing our clinicians the ability to leverage the devices for music therapy and other clinical purposes.”

– Naresh Samlal, AVP, IT Support

When it came to setting up and configuring Wandera in accordance with the company’s acceptable use policies, the IT team at VITAS adopted an approach that wasn’t too restrictive right out of the gate. In fact, during the POC phase they made a decision around how they would define their policy – that the Wandera solution should be used ultimately to learn. They wanted to turn it on, let it run and learn from what the data was telling them in order to make intelligent compliance policies.

During the POC, the team discovered employee data consumption was quite high, especially due to the use of video and music streaming services. As you would expect, with powerful tools like VITAS’ mobility platform, clinicians had discovered many creative uses of audio and video streaming services to benefit patients.

Once Wandera had been fully deployed, VITAS activated Wandera’s security policy and its recommended blocks for the most risky categories including adult content and gambling. Blocks were also put in place for shopping, social media (with some exceptions for marketing content), and any other categories for which there was no related business need. A lot of the policies VITAS enforced were also mandated by the company’s security team and included third party file sharing services, such as Dropbox and Box, which present a risk of sensitive data exfiltration on both mobile and desktop.

“Wandera deployment was amazingly simple. Our AirWatch administrators are connected with the Wandera technical team and have access to all the necessary documentation. I specifically remember by the time we actually got on the phone for our first meeting about the technical aspect and configuration of Wandera, we already had it up and running. So the product was well supported from the deployment stance and it was a good introduction to what has turned out to be a really efficient integration. We get a ton of support from the Wandera team continuously, so the implementation was really easy and we found that it just works.”

– Naresh Samlal, AVP, IT Support

Wandera’s policy controls can not only block sites and apps at the category level but also individually. So in cases where content like obituaries would fall under a blocked category, VITAS was able to work with users to find out exactly which specific services were needed so that they could be whitelisted and available to users.

Wandera’s content filtering capability allows admins to be proactive in protecting devices, but for those unforeseen risks like phishing, data leaks and mobile malware, Wandera’s machine learning-powered threat defense works tirelessly to detect and prevent known and unknown threats before they reach the device.

Wandera has given VITAS a strategy to manage its data plan and a framework to prevent users from incurring excessive bills.

The usage visibility Wandera provides is helping the company to more efficiently and accurately forecast what its usage is going to be for the full extent of a contract. Wandera also protects VITAS from getting into a state that many businesses find themselves in, where additional data needs to be purchased for individual users due to recurring data overages.

VITAS has an overarching discount rate under an umbrella agreement with its carrier that’s not necessarily tied to the individual phone plans themselves. This means the individual plan sizing can be managed annually. VITAS has already achieved a saving of about 20 percent on its carrier costs thanks to that flexible plan sizing alone. That saving was achieved before Wandera was rolled out. So now with Wandera, further savings can be achieved, the pool can be further optimized and the results can be considered during the company’s capacity planning with its carrier.

“Wandera is a valuable tool in helping us to manage and predict our data plan sizing. Based on the performance of the individual data caps we have set and based on the user behavior we can now understand, we can see what volume of data we currently need and the trajectory of that data consumption so we can adjust our carrier plans accordingly.”

– Naresh Samlal, AVP, IT Support

Results

Before Wandera, VITAS had put layers of security policies on its employee mobile devices using services like AirWatch for device management and Apple’s Device Enrollment Program and Volume Purchase Program. By adding Wandera to these various components of control VITAS was able to give employees the right level of freedom when using their devices while managing the financial, security and compliance risks of mobility.

Wandera’s dedicated customer success and account managers work alongside the threat research and data science teams to provide bespoke analysis on an ongoing basis. One experience that the VITAS IT team found to be really positive was when they received a personalized email from Wandera about cryptojacking – a new threat where a hacker can use a device’s computing power to mine for cryptocurrency. The email informed VITAS that there was an analysis done on the company’s mobile fleet to discover the impact of the threat, it highlighted the areas of vulnerability and ensured the team that the policy to protect against that type of threat had been put in place which immediately rectified the issue.

Wandera has helped VITAS to manage how and when iOS updates are run on users’ devices. Historically, as Apple released iOS updates, the IT team wouldn’t have any control over when the devices would update, it was up to the user to update the device and at VITAS, a lot of users were doing it immediately. This isn’t necessarily a bad thing from a security perspective but for many businesses with custom built apps, running a software update right away can cause those apps to crash if they haven’t been properly optimized and stress tested on the new iOS version.

“That type of proactive communication from Wandera, at the forefront of mobile security, has been priceless at this point. To be engaged with a partner that has that position and our best interests front of mind – that’s a phenomenal experience, I’ve never had that experience with a partner like that in the past. So that’s been really refreshing.”

– Naresh Samlal, AVP, IT Support

“Often our in-house or custom built apps would not be ready for the latest iOS and so we would find ourselves in a position where we’d have to respond and react to an update in a more aggressive manner and with less control than we would like. But with Wandera we were able to block a recent iOS update and buy ourselves the time we needed to get our apps all up to the latest version. Once we reached that point, we then unblocked the iOS update and gracefully allowed the devices to update with the current version of our apps fully supported. So that was a huge win for us and just one example of how our customized policy model is working for us.”

The VITAS IT team checks Wandera’s admin console RADAR each day to access a variety of customized dashboards showcasing real-time security and usage information. Within the portal they also get instant alerts of new security incidents.

“When I look at my RADAR dashboard in the morning and it’s got something like 8,000 blocks by Wandera. It makes me and my CISO very happy to know we have a product that protects us when we’re not looking and more so when we least expect it.”

Security and usage analytics are not just provided through RADAR, but also through the end user app. The app shows employees the latest security alerts and information about their device, plus gives them an overview of which services they’re spending their mobile data on.

23

devices capped per day

8,000

policy violations blocked per day

366

threats blocked per day

“We felt that we were already protected because of the restrictions we had on the devices from a MDM perspective, but since deploying Wandera, we’ve learned about and fully understand some of the threats that get around MDMs such as mobile malware, different types of phishing attacks, leaking sites and apps and sideloaded apps. With hindsight, we can now see that Wandera is really giving us visibility into some of the risks that quite frankly we thought we were immune to.”

– Naresh Samlal, AVP, IT Support

Gartner Market Guide for Mobile Threat Defense Solutions 2018

“Beyond a unified endpoint management (UEM) security add-on, MTD is also used to address use cases such as mobile phishing, bring your own device, app vetting and compliance.”

Download now ›