Technology: Modeling Success
Features
Written by Deborah Geering   
Thursday, 01 May 2008
Technology: Modeling Success - Health Executive - RedCoat Publishing
New tools and tighter controls can help hospitals keep PC maintenance under control.
There’s a monthly event, observed by all IT professionals, of which the rest of us remain blissfully unaware: Patch Tuesday.

On the second Tuesday of each month, Microsoft releases its security patches. That means that at least once a month, the IT team at your organization must make sure each PC and laptop gets the correct patches to keep the entire system safe. That’s in addition to all the routine software updates that must be uploaded onto each computer.

That’s no small task when you’re talking about thousands of computers. Even with cloning, in which one updated hard drive “image” is propagated onto multiple machines, the process takes time. Each image may take several days to build.

“As you replace computers and conduct rollouts, migrations, and deployments, getting the correct data on all those machines is a problem,” said Jim Szopinski, vice president of Binary Research International, the company that produced the first enterprise imaging and deployment solution, called Ghost.
 
The problem is that a separate disk image must be built for each model (and sometimes for batches of computers of the same model). “The question people were asking was, ‘I set up my machine on a Dell desktop, but now I have Gateways, or a laptop. I can Ghost it, but I still have to do 20 or 30 minutes of post-cloning work on each machine. Isn’t there something we can do?’”

There are two answers: either limit the number of computer models within the organization or find a new cloning approach.

One model, one image
Dr. John Halamka has gone the first route. As CIO of Boston-based CareGroup Health System, Halamka has instituted tight mandates on the hardware that can be added to the system.

“At CareGroup, we must protect the confidentiality of 3 million records (HIPAA mandate and patient expectation), ensure nearly 100% uptime, and prevent all viruses/trojans/worms/keystroke loggers from entering our network to ensure the integrity of patient data as mandated by numerous compliance requirements,” Halamka wrote in his blog at geekdoctor.blogspot.com.

His solution is that the vast majority of computers within the system, by mandate, are Dell Optiplexes, a high-end product line with standardized components. Laptops are similarly mandated. Beth Israel Deaconess will only approve purchases of Dell Latitude laptops.

The computers cost a little more upfront but are well worth the added price, he said in a phone interview.

“You have to recognize that security is an end-to-end process,” said Halamka, who is also an emergency physician and dean for technology at Harvard Medical School. “If you are running a home computer that you bought at CompUSA, and you’re running Windows 95 that’s loaded with viruses from programs that you downloaded from the Internet, and then you try to connect with the hospital, you really are the weakest link.”

With the help of remote updating through Microsoft SMS, the 7,500 or so machines at CareGroup’s Beth Israel Deaconess Medical Center are serviced by just eight IT staff members, nearly 1,000 machines per person. “Because the hardware and software is standardized, replacing parts, maintaining desktop images, and managing the lifecycle of the products (about five years) is very efficient,” Halamka wrote. The standards also mean that the organization can leverage its purchasing power and focus its IT training.

One image, multiple models
Of course, the standardized system approach presents challenges. First, enforcing the standards requires an iron fist. Second, the other side to the one-vendor coin is that once an organization has committed, renegotiating the contract can get tricky.

Michael Cross found another approach. Although the Denver VA Medical Center is a “Dell shop,” multiple models (and varying components within the same models) meant that Cross, the self-described “clonemeister” for the institution, had to maintain several different hard drive images in order to stay on top of updates.

A few years ago, Cross learned about a tool that enabled one cloned image to work on several models of machines. The application, Big Bang’s Universal Imaging Utility (UIU), works with existing imaging software, such as Altirus, Ghost, or Zenworks, to create a single disk image that can be deployed onto any PC. He told his supervisor, and now UIU is licensed to about 2,000 computers throughout the VA system in Southern Colorado.

The difference, said Cross, now a computer technician, is phenomenal. “It’s fantastic. It saves us so much time, it’s unreal,” he said. “Before I started using this, I was doing approximately seven or eight different masters, and each one takes three or four days to build. Now I’m using one image.”

Cross said that UIU developers stay on top of new models, so the application always works with every machine. “We had some video driver problems with the Dell 800 series, but that’s the worst episode we’ve had. I think they’re always about a half-step ahead.”

The UIU works with nearly every business-class computer right out of the box, said Szopinski of Binary Research, the distributor for the application. “It includes a very comprehensive set of device drivers and plug-and-play IDs so that when you use that image on any other machine, it will recognize all the components that are in that new machine.” Pricing for the UIU ranges from $10 to $20 per license, depending on the number of computers in the organization.

“The UIU allows heterogeneous systems to operate in a homogenous environment,” Szopinski said. “We have customers tell us that the next time they bought systems, they saved $20,000 because they got to shop around more.”

With both the UIU approach and the standard-model approach, however, imaging is a far simpler affair. Your IT staff spends less time playing security catch-up.

“Every time Patch Tuesday comes around, the IT guys want to get those on the machines as quickly as possible,” Szopinski said. “It’s not fun, and it’s really a waste of time. I’d rather have them work on stuff that’s going to make things work better and run better.”

Deborah Geering, This e-mail address is being protected from spam bots, you need JavaScript enabled to view it , is an Atlanta-based freelance writer.
 
< Previous Story   Next Story >