Peninsula Home Hospice – Cyber Security Case Study

Background

Peninsula Home Hospice (PHH) was born from a recognised community need and established by a group of volunteers eager to ensure those wanting to stay in their own home as they faced terminal illness were able to do so. Since then the service has grown into a Specialist Community Palliative Care Service provided through a DHHS service agreement and community support. PHH works collaboratively with Specialist Palliative Care consultancy team and the Palliative Care Unit (run by Peninsula Health) as well as General Practitioners and Medical Specialists, Community Nursing, Acute Hospitals (both public and private), Residential Aged Care Facilities, local councils and other community services to optimise end of life care for all.

PHH partnered with Majestic Computer Technology in July 2019 for managed IT services and put in place a high-level digital strategy for the coming five years that included a roadmap around IT Security maturity improvement.

Challenge

Health Care providers have consistently been one of the top three contributors of privacy complaints to the Office of the Australian Information Commissioner (OAIC) over the last three years, a further indication of the vulnerability prevalent within the industry.

They have also been the leading source of notifiable data breaches since mandatory notification began in February 2018.

While often perceived as a ‘technical’ matter, Cybersecurity is much broader and encompasses both the technological and human aspects of an organisation.

The executive team at PHH were concerned about recent information security incidents that specifically targeted the health sector in Australia and tasked Majestic with a review of their current cybersecurity maturity, their compliance to the DHHS’s information security directives, ACSC’s Essential 8 and other various health and patient data related regulations in Australia like HIPAA, NATA.

PHH’s three-year support and maintenance contract with their existing network firewall provider was coming up for renewal in October 2019. Also, an upgrade to their internet service bandwidth aimed to cater for a growing number of users, meant the current firewall solution was no longer suitable.
Following this, Majestic then sought to find PHH the best solution to meet their current needs, with the ability to scale as the organisation continues to grow.

Solution

Majestic went to tender on PHH’s behalf to find a suitable security partner. From a long list of security vendors, Majestic shortlisted and presented three options to PHH, with Red Piranha’s Crystal Eye as their preferred solution.

The organisation selected Crystal Eye over other alternatives due to its ability to implement multiple layers of defence that created greater visibility and security awareness across the entire organisation.

Crystal Eye offered comprehensive reporting and features as part of the built-in GRC controls that meant PHH and the board could;

  • Quickly understand their organisation’s security maturity
  • Establish which areas demand improvement
  • Keep their business-critical documents and information safe with Data Loss Prevention (DLP)
  • Restrict the use of unapproved applications on corporate networks with Application Whitelisting (AWL), one of the Governments ‘Essential 8’ mitigation strategies

Being an Australian vendor with the ability to manage and support the deployment from their local Security Operations Centre (SOC), was also a critical factor in PHH’s decision.
Majestic’s team worked closely with Red Piranha throughout the implementation process to ensure the transition was smooth with minimal disruption to PHH. One month following deployment, Majestic held a post-implementation tuning session to ensure that the Unified Threat Management (UTM) is correctly tuned to provide an optimum level of security.

For PHH, it was also encouraging that Red Piranha’s managed security (SIEM) is a standard inclusion with the licence subscription, that provided proactive monitoring and response with from their highly advanced global threat intelligence coupled with human expertise from their Australian based 24/7 SOC teams.

This process reassured PHH that Crystal Eye well and truly exceeded the tender criteria and that they were advised and provided with the right solution to support their security infrastructure for the coming three years and no doubt, beyond.

Result

Red Piranha’s Crystal Eye provided a higher level of visibility and reassurance.
PHH is now using built-in features and technologies like Application Whitelisting and Vulnerability Assessments not previously available, providing additional layers of protection and assurance.
Our team in conjunction with Red Piranha, continuously deliver expertise and knowledge to further improve the security posture for PHH.

EUROFINS|MGT DATACENTER SETUP PROJECT

Majestic was appointed to plan and migrate Eurofins|mgt server infrastructure from Head Office to the Datacenter.

Eurofins|mgt has emerged from the Eurofins Scientific acquisition of mgt LabMark Environmental Pty Ltd. Eurofins |mgt has 200 staff and a network of National NATA Accredited Environmental Laboratories located in Brisbane, Sydney & Melbourne that are supported by a National distribution and service network with offices located in Adelaide, Perth, Darwin & Newcastle. Eurofins also operates an Environmental Laboratory in Wellington along with Food and Agroscience Laboratories in Auckland, Hamilton & Christchurch.

Datacentre migration was required to provide access to the Eurofins global services across the network, provide high availability and improve backup and disaster recovery approaches.

Implementing a transitory domain controller and critical business application at the Head Office during the phase of relocation

  1. Designing a layout for the servers and the devices at the Datacentre
  2. Collaborate with Eurofins global IT in designing and implementing the network infrastructure at datacentre according to the Eurofins global guidelines
  3. Implementing multiple VLANs for VMware Infrastructure and production servers in accordance to their operations
  4. Relocating the VM Infrastructure and Servers from the Head Office to Colocation Datacentre
  5. Restoring all the servers and services with minimum downtime
  6. Post relocation review, testing and clean up

ALLSTAFF AIRCONDITIONING NETWORK REDESIGN PROJECT

Majestic was appointed to redesign the network layout of Allstaff Airconditioning (Vic) Pty Ltd.

Headquartered in Melbourne, Allstaff Airconditioning has been a market leader in air conditioning and mechanical services for over 35 years. Since inception in May 1975, Allstaff has grown to a team of over 300 staff operating now in Victoria, New South Wales, Albury-Wodonga and the Australian Capital Territory.

Majestic evaluated, planned and implemented the successful network redesign by:-

  1. Network size – 150 users
  2. Redesign of the network layout
  3. Replacing the network cabling and ensuring provision for future VoIP implementation
  4. Relocating the server room
  5. Upgrading the server hardware (Dell based server, switches etc)
  6. Migrating the network from Windows Server 2003 and Exchange Server 2003 environment to Windows Server 2008 and Exchange Server 2007 64 bit environment
  7. Upgrading the Unix based IIS Application Server
  8. Migrating network applications and data to new servers
  9. Configuring internet connections and remote access
  10. Configuring VPN access to enterprise network application from other offices (Sydney, Albury- Wodonga and the ACT)

EUROFINS|MGT ELVIS APP/SQL SERVER PROJECT

Majestic was appointed to plan and deploy mgtLabmark’s LIMS Application at Enterprise Level

Eurofins|mgt has emerged from the Eurofins Scientific acquisition of mgtLabMark Environmental Pty Ltd. Eurofins|mgt has 200 staff and a network of National NATA Accredited Environmental Laboratories located in Brisbane, Sydney & Melbourne that are supported by a National distribution and service network with offices located in Adelaide, Perth, Darwin & Newcastle. Eurofins also operates an Environmental Laboratory in Wellington along with Food and Agroscience Laboratories in Auckland, Hamilton & Christchurch.

Majestic evaluated, planned and deployed the LIMS Application at Enterprise Level by:-

  1. Deploying Application Server based on Windows Server 2008 & IIS7
  2. Deploying Database Server based on Windows Server 2008 & MSSQL 2008
  3. Configuring remote access to LIMS application from mgtLabmark network
  4. Configuring WAN connections and secure remote access
  5. Configuring secure access to LIMS application from mgtLabark website for local/remote users and company clients
  6. Configuring integration with email system and other network applications

HUDSON BAKER MYOB NETWORK APPLICATIONS IMPLEMENTATION PROJECT

Majestic was appointed to plan and upgrade Hudson Baker’s network as well as implement MYOB network applications on the server.

Hudson Baker Pty Ltd, an accounting firm based in the Melbourne suburb of Cheltenham, specialises in helping successful small-medium business owners and successful professionals. They specialise in providing individual tax returns in addition to business taxation to relating to sole traders, partnerships, companies and trusts.

Majestic evaluated, planned and implemented the successful network upgrade and the MYOB network applications by:-

  1. Migrating from Windows Server 2003 environment to Windows Server 2012 environment
  2. Reconfiguring existing printers, switches and routers
  3. Migrating workstations from Windows XP to Windows 7
  4. Implementation of Antivirus program providing the first line of defence by actively filtering malicious attachments, virus and malware threats
  5. Installing and upgrading MYOB applications on the new server
  6. Moving MYOB data from workstations to a single location on the server
  7. Implementing full backup and imaging solution for disaster recovery

BDD MIGRATE EMAILS TO HOSTED EMAIL SECURITY PROJECT

Majestic was appointed to plan and configure cloud based email security for BDD Engineering.

BDD Engineering is a general engineering consultancy practice which has been in operation for over 25 years, specialising in structural and civil works design and documentation for building structures, industrial, commercial and residential developments and plant and production projects.

A cloud based email security was required to stop spam, malware, spear-phishing, and advanced targeted attacks before they reach the network.

Majestic planned and implemented the successful migration by:-

  1. Configuring hosted email security for incoming and outgoing emails
  2. Migrating email configuration with no downtime
  3. Reconfiguring Microsoft Exchange environment for the new infrastructure
  4. Conducting a post migration review

ASTHMA MIGRATE EMAILS TO HOSTED EMAIL SECURITY PROJECT

Majestic was appointed to plan and configure cloud based email security for Asthma Foundation of Victoria.

The Asthma Foundation of Victoria has for over 40 years provided advice, counselling, education and training to people with asthma, their carers, health professionals, first aiders and the community.

A cloud based email security was required to stop spam, malware, spear-phishing, and advanced targeted attacks before they reach the network.

Majestic planned and implemented the successful migration by:-

  1. Configuring hosted email security for incoming and outgoing emails
  2. Migrating email configuration with no downtime
  3. Reconfiguring Microsoft Exchange environment for the new infrastructure
  4. Conducting a post migration review

EUROFINS|MGT MIGRATE TO SYMANTEC ENDPOINT PROTECTION PROJECT

Majestic was appointed to plan and migrate network antivirus solution to Symantec Endpoint.

Eurofins|mgt has emerged from the Eurofins Scientific acquisition of mgt LabMark Environmental Pty Ltd. Eurofins |mgt has 200 staff and a network of National NATA Accredited Environmental Laboratories located in Brisbane, Sydney & Melbourne that are supported by a National distribution and service network with offices located in Adelaide, Perth, Darwin & Newcastle. Eurofins also operates an Environmental Laboratory in Wellington along with Food and Agroscience Laboratories in Auckland, Hamilton & Christchurch.

To align with Eurofins global guidelines, it was required to migrate the network antivirus solution to Symantec Endpoint Protection.

Majestic planned and implemented the successful migration by:-

  1. Configuring Symantec Endpoint Protection Manager application and database server
  2. Configuring Group Update Provider application server
  3. Configuring multiple antivirus policies for different user categories
  4. Migrate over 250 computers and 12 servers in 7 offices to the new antivirus solution with no downtime

THE HOUSE OF LIFE REMOTE WORKPLACE PROJECT

Majestic was appointed to plan and implement secure remote workplace for The House Of Life.

The House of Life has been serving patients since 1999. They offer Acupuncture, Traditional Chinese Herbal Medicine, Naturopathy, Osteopathy, Cranio Sacral therapy, Chiropractic Medicine, Counselling, Nutrition, Homeopathy, Bioresonance Therapy and Meditation. The Clinic stocks a range of Herbal & Organic products, Supplements, Exclusive range of House of Life Teas and Elixir’s.

Secure remote workplace was required to enable general practitioners to work remotely and be able to use office IT resources.

Majestic successfully planned and implemented secure remote workplace by:-

  1. Consolidating all network applications on one master workstation
  2. Configuring the master workstation for simultaneous secure remote access by multiple users
  3. Reorganising all network data to a network storage for secure access
  4. Configuring a disaster recovery plan for the master workstation

EUROFINS|MGT NATIONAL NETWORK INTEGRATION PROJECT

Majestic was appointed to plan and implement the network integration of mgt Environmental and Labmark Laboratories following mgt Environmental’s purchase of 100% of Labmark Laboratories from Bureau Veritas.

Eurofins|mgt has emerged from the Eurofins Scientific acquisition of mgtLabMark Environmental Pty Ltd. Eurofins|mgt has 200 staff and a network of National NATA Accredited Environmental Laboratories located in Brisbane, Sydney & Melbourne that are supported by a National distribution and service network with offices located in Adelaide, Perth, Darwin & Newcastle. Eurofins also operates an Environmental Laboratory in Wellington along with Food and Agroscience Laboratories in Auckland, Hamilton & Christchurch.

Majestic evaluated, planned and implemented the successful network integration by:-

  1. Configuring existing network servers, workstations, printers, switches, routers, bridges, modems etc.
  2. Configuring and installing new network servers, switches etc
  3. Migrating network applications and data
  4. Configuring WAN connections and secure remote access
  5. Arranging installation of phone, fax and internet connections
  6. Transferring domains and web sites
  7. Transferring ownership of licensed applications