Healthcare Technology Vendor News

ICS-CERT Issues Advisory After Nine Vulnerabilities Discovered in Philips E-Alert Units

The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a further advisory about Philips healthcare devices after nine vulnerabilities were self-reported to the National Cybersecurity & Communications Integration Center (NCCIC) by the Amsterdam-based technology company.

This is the fourth advisory issued by ICS-CERT in the past month. Previous advisories have been issued over cybersecurity vulnerabilities in its central patient monitoring system – Philips IntelliVue Information Center iX (1 vulnerability), Philips PageWriter Cardiographs (2 vulnerabilities), and Philips IntelliSpace Cardiovascular cardiac image and information management software (2 vulnerabilities).

The latest advisory concerns nine vulnerabilities discovered in Philips eAlert units – These are non-medical devices that monitor imaging systems such as MRI machines to identify issues rapidly before they escalate. The devices are used by healthcare providers around the world.

One of the vulnerabilities is rated critical, five are high severity, and three are medium severity. If exploited, an attacker on the same subnet could potentially obtain user contact details, compromise unit integrity/availability, provided unexpected input into the application and execute arbitrary code, altering display unit information or causing the device to crash. The vulnerabilities affect all versions of the software, including R2.1.

In order of severity, the vulnerabilities are:

CVE-2018-8856 (CWE-798) – Hard-Coded Credentials – CVSS v3 score: 9.8

A hard-coded cryptographic key is present in the software which is used for the encryption of internal data.

CVE-2018-8842 (CWE-319) – Cleartext Transmission of Sensitive Information – CVSS v3 score: 7.5

Sensitive and security-critical data are transmitted in cleartext which could be intercepted by individuals unauthorized to view the information. Since the Philips e-Alert communication channel is not encrypted, personal contact information and application login credentials could be obtained from within the same subnet.

CVE-2018-8854 (CWE-400) – Uncontrolled Resource Consumption – CVSS v3 score: 7.5

The size or amount of resources requested or influenced by an actor are not properly restricted, which can be used to consume more resources than intended.

CVE-2018-8850 (CWE-20) – Improper Input Validation – CVSS v3 score: 7.1

Improper validation of input that would allow an attacker to craft input in a form not expected by the application. Parts of the unit could receive unintended input potentially resulting in altered control flow, arbitrary control of a resource, or arbitrary code execution.

CVE-2018-8846 (CWE-79) – Improper Neutralization of Input During Web Page Generation – CVSS v3 score: 7.1

The software fails to neutralize or improperly neutralizes user-controlled input before being placed in output that is used as a web page which is subsequently served to other users.

CVE-2018-8848 (CWE-276) – Incorrect Default Permissions – CVSS v3 score: 7.1

When the software is installed, incorrect permissions are set for an object that exposes it to an unintended actor.

CVE-2018-8844 (CWE-352) – Cross-Site Request Forgery – CVSS v3 score: 6.8

The web application does not adequately verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

CVE-2018-8852 (CWE-384) – Session Fixation – CVSS v3 score: 6.4

When authenticating a user or establishing a new user session, an attacker is given an opportunity to steal authenticated sessions without invalidating any existing session identifier.

CVE-2018-14803 (CWE-200) – Information Exposure – CVSS v3 score: 5.3

This is a banner disclosure vulnerability that could allow an attacker to gain product information such as the OS and software components via the HTTP response header which would normally not be available to an attacker.

Four of the vulnerabilities have been addressed with the release of R2.1 (CVE-2018-8842, CVE-2018-8856, CVE-2018-8850, CVE-2018-8852) and the remaining five vulnerabilities (CVE-2018-8854, CVE-2018-8846, CVE-2018-8848, CVE-2018-14803, CVE-2018-8844) will be addressed with a software update which has been planned for the end of the year.

Users of vulnerable devices should ensure that they have upgraded to software version R2.1 which will address four of the vulnerabilities, including the critical hard-coded credential flaw.

Philips also recommends users take the following actions as an immediate mitigation to reduce the potential for exploitation of the five remaining flaws until the next software update is released:

  • Ensure that network security best practices are implemented, and
  • Limit network access to e-Alert in accordance with product documentation.

The post ICS-CERT Issues Advisory After Nine Vulnerabilities Discovered in Philips E-Alert Units appeared first on HIPAA Journal.

Critical Flaw Identified in BD Alaris Plus Medical Syringe Pumps

A critical remotely exploitable flaw has been detected in BD Alaris Plus medical syringe pumps. The flaw would enable a threat actor to gain access to an affected medical syringe pump when it is connected to a terminal server via the serial port. If the flaw is exploited a threat actor could alter the intended function of the pump.

The flaw is an improper authentication vulnerability. The software fails to perform authentication for functionality that requires a provable user identity.

The flaw was identified by Elad Luz of CyberMDX who notified Becton, Dickinson and Company (BD), which in turn voluntarily reported the vulnerability to the National Cybersecurity & Communications Integration Center and the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The latter issued an advisory about the vulnerability on August 23, 2018.

The vulnerability affects version 2.3.6 of Alaris Plus medical syringe pumps and prior versions, specifically the Alaris GS, Alaris GH, Alaris CC, and Alaris TIVA products. The vulnerability has been assigned a CVSS v3 score of 9.4 out of 10 and is being tracked as CVE-2018-147.

BD has explained that the vulnerability does not affect any products that are sold in the United States. All current versions of Alaris Plus pumps do not have the vulnerability. Vulnerable devices were previously sold in the European Union.

The vulnerability cannot be exploited while the device is connected to the Alaris Gateway Workstation docking station as the remote-control feature is disabled when the device is connected to the docking station.

If the device is not switched on it cannot be turned on remotely. BD also notes that were the flaw to be exploited access to PII or PHI could not be gained.

BD has explained that an attack utilizes a known vulnerability in terminal servers. Use of the device with terminal servers is not supported. To reduce the potential for the flaw to be exploited, all users have been advised to operate the affected pumps as stand-alone devices or alternatively they should be used in a segmented network environment.

The ICS-CERT advisory claims the vulnerability would only require a low level of skill to exploit, although according to BD, “To execute this attack one would need to ensure the affected device is connected to a terminal server via the serial port, have an understanding of the device communication protocol, have access to specific driver software to implement the pump protocol communication and the ability to penetrate a customer network and gain unauthorized access to terminal server devices.”

Because of the sequence of events required to exploit the vulnerability, BD said “the probability of an unauthorized breach in network security that impacts the delivery of a patient’s IV infusion is negligible.”

The post Critical Flaw Identified in BD Alaris Plus Medical Syringe Pumps appeared first on HIPAA Journal.

Warnings Issued About Vulnerabilities in Philips PageWriter Cardiographs and IntelliVue Information Center iX

Over the past few months, several vulnerabilities have been discovered in Philips medical devices, software and systems.

This week, two further advisories have been issued by the Industrial Control Systems Cyber Emergency Team (ICS-CERT) about vulnerabilities the firm’s real-time central monitoring system, Philips IntelliVue Information Center iX, and its PageWriter cardiographs. All three of the vulnerabilities are classed as medium risk with CVSS v3 base scores ranging between 5.7 and 6.1.

CVE-1999-0103 is a denial of service vulnerability that affects the Philips IntelliVue Information Center iX version B.02. The flaw was discovered by a user of the system and was reported to Philips, which in turn reported the vulnerability to the National Cybersecurity and Communications Integration Center’s (NCCIC).

The vulnerability can be exploited remotely and does not require a high level of skill. If multiple initial UDP requests are made, it could compromise the availability of the device by causing the operating system to become unresponsive. The vulnerability has been assigned a CVSS v3 base score of 5.7.

Philips has already put mitigations in place to reduce the potential for the vulnerability to be exploited. All PIIC iX B.02 users have been advised to read the labelling, instructions for use, and service guides, which detail compensating controls. A patch will be released to correct the vulnerability by the end of September 2018.

Two vulnerabilities have been identified by Philips affecting its PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs. The flaws are present in all versions prior to May 2018.

CVE-2018-14799 is an improper input validation vulnerability. The devices do not properly sanitize data entered by users, which could result in the triggering of a buffer overflow condition. If exploited, a threat actor could access and modify device settings. The vulnerability has been assigned a CVSS v3 base score of 5.9.

CVE-2018-1480 concerns the use of hard-coded credentials. To exploit this vulnerability an attacker would need physical access to the device and would require the superuser password. With the password and physical access it would be possible to change all settings on the device and reset all existing passwords. The vulnerability has been assigned a CVSS v3 base score of 6.1.

The PageWriter vulnerabilities will be addressed by Philips via a new release, but that will not be available until the middle of 2019.

Philips notes that the WinCE5 operating system on the PageWriter TC20, TC30, TC50 and TC70 is now obsolete and is no longer supported. TC50 and TC70 can be updated to WinCE7, which users can download from InCenter.

However, TC20 and TC30 do not support WinCE7 so customers have been advised to upgrade to TC50 if they are concerned about the obsolete operating system, otherwise Philips will be issuing an update for the TC20 to a supported operating system by the end of 2019.

In the meantime, Philips suggests defense in depth, physical security controls to prevent access to the devices, controlling access to system components to protect medical devices in the system, and the use of multi-factor authentication.

The post Warnings Issued About Vulnerabilities in Philips PageWriter Cardiographs and IntelliVue Information Center iX appeared first on HIPAA Journal.

Updates to Cofense Phishing Simulation Platform Add Even More Opportunities for Automation

Cofense has announced that further updates have been made to its award-winning phishing email simulation platform, Cofense PhishMe. The updates provide even greater opportunities for automating phishing simulation campaigns to save administrators even more time.

Security awareness and anti-phishing training is now an important part of healthcare organizations’ cybersecurity programs. In addition to investing in technology to block phishing and other email-based threats, end users require training. Even layered defenses will not stop all phishing threats from reaching inboxes. Without training, end users will remain the weakest link in the security chain.

Phishing simulation exercises are an important part of the training process. They allow security teams to assess how effective their training programs have been and identify weak points in the training program. They also allow security teams to identify individuals who have failed to understand certain parts of the training program.

While phishing simulation platforms include some opportunities for automation and scheduling, creating and running phishing simulations can still be a time-consuming process.

The latest updates to the Cofense PhishMe platform incorporate even more opportunities for automation. Whereas creating a program of 12 phishing scenarios and scheduling those campaigns over the course of a year would have taken an administrator about three hours to complete, the update shaves off 91% of that time. The same 12 campaigns can be created and scheduled in 15 minutes.

This has been achieved with the use of playbooks. The playbooks can be used to create, schedule, and launch phishing templates and schedule them over the course of a year. Additionally, administrators can automate the sending of reminders to end users based on the training programs they have competed – or not completed – saving even more time. The playbooks also incorporate the lessons learned from phishing simulation campaigns conducted by 400 of Fortune 1000 companies that have used the Cofense PhishMe platform.

“At Cofense we believe in automation as a way to relieve security operators of the repetitive tasks to allow them to focus on strategic, intelligent decision-making,” said Rohyt Belani, Co-founder and CEO of Cofense. “Playbooks are meant to allow both managed services providers and our end clients the ability to choose various programs just like one does on a treadmill in a gym, so they don’t need to focus on the metaphorical tasks of having to change speed and incline but can instead focus on designing and tracking the appropriate success criteria and presenting them appropriately to senior management.”

In addition to the Cofense PhishMe updates, the Leesburg, VA-based company has also recently launched its new phishing-specific Security Orchestration, Automation and Response (SOAR) platform, has incorporated board-level reporting, and has launched mobile Cofense Reporter and more accurate Microsoft attachment tracking. These updates and the continued high-level innovation have helped the company remain the market leader in phishing defense and attack disruption.

The post Updates to Cofense Phishing Simulation Platform Add Even More Opportunities for Automation appeared first on HIPAA Journal.

More Than 20 Serious Vulnerabilities in OpenEMR Platform Patched

OpenEMR is an open-source electronic health record management system that is used by many thousands of healthcare providers around the world. It is the leading free-to-use electronic medical record platform and is extremely popular.

Around 5,000 physician offices and small healthcare providers in the United States are understood to be using OpenEMR and more than 15,000 healthcare facilities worldwide have installed the platform. Around 100 million patients have their health information stored in the database.

Recently, the London-based computer research organization Project Insecurity uncovered a slew of vulnerabilities in the source code which could potentially be exploited to gain access to highly sensitive patient information, and potentially lead to the theft of all patients’ health information.

The Project Insecurity team chose to investigate EMR and EHR systems due to the large number of healthcare data breaches that have been reported in recent years. OpenEMR was the natural place to start as it was the most widely used EMR system and with it being open-source, it was easy to test the code without running into legal problems. The findings of the investigation into OpenEMR v5.0.1.3 are detailed in Project Insecurity’s vulnerability report (PDF).

After identifying around 20 serious vulnerabilities, the vendor was contacted on July 7, 2018 and was given a month before public disclosure, allowing time for developers to correct the flaws.

One of the most serious vulnerabilities discovered allowed an attacker to bypass authentication on the Patient Portal Login. The authentication was simple, requiring next to no skill to pull off. An individual only needed to navigate to the registration page and modify the requested URL to access the desired page. By exploiting this flaw, it would be possible to view and alter patient records and potentially compromise all records in the database.

Project Insecurity discovered nine flaws that allowed SQL injection which could be used to view data in a targeted database and perform other database functions, four flaws could be exploited that would allow remote code execution to escalate privileges on the server, several cross-site request forgery vulnerabilities were discovered, three unauthenticated information disclosure vulnerabilities, an unrestricted file upload flaw, and unauthenticated administrative actions and arbitrary file actions were possible.

The vulnerabilities were identified through a manual review of the code and by modifying requests. No source code analysis tools were used. If the flaws had been found by a hacker, huge numbers of medical records could have been accessed, altered, and stolen.

OpenEMR has now issued patches to correct all the flaws identified by the Project Insecurity team.

The post More Than 20 Serious Vulnerabilities in OpenEMR Platform Patched appeared first on HIPAA Journal.

Vulnerabilities Discovered in Medtronic MyCareLink Patient Monitors and MiniMed Insulin Pumps

An advisory has been issued by ICS-CERT about vulnerabilities in MedTronic MyCareLink Patient Monitors and the MiniMed 508 Insulin Pump. This is the second advisory to be issued about MyCareLink Patient Monitors in the past six weeks. In June, ICS-CERT issued a warning about the use of a hard-coded password (CVE-2018-8870) and an exposed dangerous method or function vulnerability (CVE-2018-8868).

The latest vulnerabilities to be discovered are an insufficient verification of data authenticity flaw (CVE-2018-10626) and the storage of passwords in a recoverable format (CVE-2018-10622). The vulnerabilities are present in all versions of the Medtronic MyCareLink 24950 and 24952 Patient Monitors.

If an attacker were to obtain per-product credentials from the monitor and the paired implanted cardiac device, it would be possible for invalid data to be uploaded to the Medtronic Carelink network due to insufficient verification of the authenticity of uploaded data. The vulnerability has been assigned a CVSS v3 score of 4.4 (medium severity).

The way that passwords are stored could allow them to be recovered by an attacker and used for network authentication and encryption of local data at rest. This vulnerability has been assigned a CVSS v3 score of 4.9 (medium severity).

The vulnerabilities were identified by security researchers at Whitescope LLC, who reported them to the National Cybersecurity and Communications Integration Center (NCCIC).

Medtronic has already taken steps to address the vulnerabilities. Server-side updates have been made to correct the data authenticity verification issue and further mitigations will be implemented shortly to enhance data integrity and authenticity. To reduce the risk of exploitation, Medtronic recommends users maintain good physical control over their home monitors and only use monitors that have been obtained from healthcare providers.

Two vulnerabilities have also been identified in the Medtronic MiniMed 508 Insulin Pump by the Whitescope researchers. The first is the cleartext transmission of sensitive information (CVE-2018-40634) and the second is an authentication bypass flaw that could be exploited in a capture replay attack (CVE-2018-14781).

The researchers discovered that communications between the insulin pump and wireless accessories are sent in cleartext, which could allow sensitive information such as the device serial number to be captured by an attacker. The vulnerability has been assigned a CVSS v3 score of 4.8 (medium severity).

When the insulin pump is paired with a remote controller and the easy-bolus and remote bolus options are set, the device is vulnerable to a capture-replay attack which would allow the wireless transmissions to be captured and replayed resulting in an additional insulin (bolus) delivery. The vulnerability has been assigned a CVSS v3 score of 5.3 (medium severity).

The vulnerabilities affect the following MiniMed insulin pumps and associated products: MMT 508 MiniMed insulin pump, MMT – 522 / MMT – 722 Paradigm REAL-TIME, MMT – 523 / MMT – 723 Paradigm Revel, MMT – 523K / MMT – 723K Paradigm Revel, and MMT – 551 / MMT – 751 MiniMed 530G.

Medtronic will not be issuing a fix to correct the flaws as devices are only vulnerable if the remote option is enabled. Devices are not vulnerable in their default configuration. Users can disable to easy bolus and remote bolus options if they have been set. If users wish to continue to use the easy bolus option, they should be attentive to device alerts when enabled and should turn off the easy bolus option when they are not intending to use the remote bolus option.

The post Vulnerabilities Discovered in Medtronic MyCareLink Patient Monitors and MiniMed Insulin Pumps appeared first on HIPAA Journal.

Cofense Develops New Phishing-Specific Security Orchestration, Automation and Response Platform

Cofense has developed a new product which will soon be added to its portfolio of anti-phishing solutions for healthcare organizations and incorporated into its phishing-specific security orchestration, automation and response (SOAR) platform.

The announcement comes at a time when the healthcare industry has been experiencing an uptick in phishing attacks. The past few months have seen a large number of healthcare organizations fall victims to phishing attacks that have resulted in cybercriminals gaining access to employee’s email accounts and the PHI contained therein.

Perimeter security defenses can be enhanced to greatly reduce the number of malicious emails that reach employees’ inboxes, but even when multiple security solutions are deployed they will not block all phishing threats.

Security awareness training is essential to reduce susceptibility to phishing attacks by conditioning employees to stop and think before clicking links in emails or opening questionable email attachments and to report suspicious emails to their security teams.

However, security teams can struggle to identify real threats quickly. Employees will typically report a wide range of emails, not just malicious messages. Most organizations will see their abuse mailboxes fill up rapidly and security teams often waste valuable time sifting through messages to find the real threats.

Cofense has attempted to solve the problem with the release of a SOAR platform that helps incident response teams identify and mitigate phishing attacks in progress much more rapidly. Cofense Triage allows incident response teams to rapidly assess, analyze, and remediate phishing attacks in real-time by filtering out the noise.

Cofense Triage has recently been enhanced with new features that allow third-party security solutions to be integrated through its REST API to ensure an optimized, security orchestration response. Remediating phishing threats has been made easier through automation using playbooks and workflows – sets of criteria that will automatically execute a response to mitigate an attack if certain criteria are met.

Now the Leesburg, VA-based anti-phishing vendor has developed a new anti-phishing solution – Cofense Vision – which will soon be incorporated into its phishing-specific SOAR. Cofense Vision – due to be generally available in Q4 2018 – will make it easier and quicker to identify all phishing emails in a campaign and quarantine them rapidly to neutralize the threat.

When a phishing email is identified, it is unlikely to be the only copy of the message in an organization’s email system. Tens or even hundreds of copies may be hiding in other inboxes, including carbon copies of the message, variations along the same theme, and totally different messages containing the same malicious payload.

Cofense Vision helps incident response teams search, identify, and quarantine all phishing emails in a particular campaign, querying messages by sender, date, subject, attachment name, attachment hash, and many more criteria. When all messages have been identified, they can be quarantined with a single click, removing all malicious messages from an organization’s entire email system.

This is just one of a host of new anti-phishing solutions that can be deployed to help healthcare organizations deal with the threat of phishing. As news breaks of a million-record-plus healthcare phishing attack, advanced phishing solutions are clearly needed to tackle the threat to the confidentiality, integrity, and availability of PHI.

The post Cofense Develops New Phishing-Specific Security Orchestration, Automation and Response Platform appeared first on HIPAA Journal.

Cofense Develops New Phishing-Specific Security Orchestration, Automation and Response Platform

Cofense has developed a new product which will soon be added to its portfolio of anti-phishing solutions for healthcare organizations and incorporated into its phishing-specific security orchestration, automation and response (SOAR) platform.

The announcement comes at a time when the healthcare industry has been experiencing an uptick in phishing attacks. The past few months have seen a large number of healthcare organizations fall victims to phishing attacks that have resulted in cybercriminals gaining access to employee’s email accounts and the PHI contained therein.

Perimeter security defenses can be enhanced to greatly reduce the number of malicious emails that reach employees’ inboxes, but even when multiple security solutions are deployed they will not block all phishing threats.

Security awareness training is essential to reduce susceptibility to phishing attacks by conditioning employees to stop and think before clicking links in emails or opening questionable email attachments and to report suspicious emails to their security teams.

However, security teams can struggle to identify real threats quickly. Employees will typically report a wide range of emails, not just malicious messages. Most organizations will see their abuse mailboxes fill up rapidly and security teams often waste valuable time sifting through messages to find the real threats.

Cofense has attempted to solve the problem with the release of a SOAR platform that helps incident response teams identify and mitigate phishing attacks in progress much more rapidly. Cofense Triage allows incident response teams to rapidly assess, analyze, and remediate phishing attacks in real-time by filtering out the noise.

Cofense Triage has recently been enhanced with new features that allow third-party security solutions to be integrated through its REST API to ensure an optimized, security orchestration response. Remediating phishing threats has been made easier through automation using playbooks and workflows – sets of criteria that will automatically execute a response to mitigate an attack if certain criteria are met.

Now the Leesburg, VA-based anti-phishing vendor has developed a new anti-phishing solution – Cofense Vision – which will soon be incorporated into its phishing-specific SOAR. Cofense Vision – due to be generally available in Q4 2018 – will make it easier and quicker to identify all phishing emails in a campaign and quarantine them rapidly to neutralize the threat.

When a phishing email is identified, it is unlikely to be the only copy of the message in an organization’s email system. Tens or even hundreds of copies may be hiding in other inboxes, including carbon copies of the message, variations along the same theme, and totally different messages containing the same malicious payload.

Cofense Vision helps incident response teams search, identify, and quarantine all phishing emails in a particular campaign, querying messages by sender, date, subject, attachment name, attachment hash, and many more criteria. When all messages have been identified, they can be quarantined with a single click, removing all malicious messages from an organization’s entire email system.

This is just one of a host of new anti-phishing solutions that can be deployed to help healthcare organizations deal with the threat of phishing. As news breaks of a million-record-plus healthcare phishing attack, advanced phishing solutions are clearly needed to tackle the threat to the confidentiality, integrity, and availability of PHI.

The post Cofense Develops New Phishing-Specific Security Orchestration, Automation and Response Platform appeared first on HIPAA Journal.

Qcentive Controls AWS Costs & Enables Cloud Computing in Healthcare with ParkMyCloud

The Massachusetts-based healthcare startup Qcentive, the developer of a cloud-based platform that helps healthcare companies with the creation and management of value-based contracts, was one of the first companies authorized to move healthcare data to the cloud.

The first-in-class transaction platform has been certified as HIPAA compliant and incorporates appropriate safeguards to ensure the confidentiality, integrity, and availability of ePHI. The company uploads patient and healthcare contract information to AWS, where the data are accessed by the company’s application.

The platform helps its health plan clients and their value-based contracting providers analyze claims data and patient information such as emergency room visits and use the information to quickly calculate potential savings.

While developing the platform, Qcentive uploaded large quantities of patient and claim data to AWS and created AWS resources as necessary, although as many companies discover, AWS costs can quickly mount up. Qcentive tried to find a way to keep its AWS costs under control, starting with rightsizing resources and using Reserved Instances. That resulted in savings of around 30%-40% over their on-demand EC2 costs. However, such a strategy was not ideal, as Reserved Instances require a long-term commitment for non-production instances.

Qcentive was running instances 24/7/365 and was being charged by the minute, even though those resources did not need to be running round the clock and were often underutilized. The company experimented with switching off resources using standard AWS tools and restarting them when needed. However, that tactic lacked flexibility and greater user governance was required.

The firm searched for a tool that allowed automated scheduling of AWS resources and discovered ParkMyCloud. The PArkMyCloud platform allowed Qcentive to run instances 12 hours a day instead of 24, halving the company’s cloud costs.

Using the platform to automate and schedule resources resulted in immediate savings of 20% on its AWS bill, while maintaining flexible access for its end users. Schedules are set on resources with them typically running 12 hours a day Monday to Friday. If access to resources is required outside of the scheduled hours, such as over the weekend, they can be easily switched back on via a mobile app.

Now the firm is placing all AWS instances, databases and auto-scaling groups on a schedule and only turns the instances on when there is a workload to run. Around 40%-50% of its resources are now only running Monday to Friday, resulting in significant savings. The cost of the ParkMyCloud platform is covered through the savings that have been realized, and the firm is now saving far more than was possible using Reserved Instances.

“Reserved Instances look great the day you buy them, but then the first time you have to change the size on something, all of the sudden you’ve got Reserved Instances that you’re not using anymore. With ParkMyCloud that never happens. It’s all savings,” said Bill Gullicksen, Director of IT, Qcentive.

The post Qcentive Controls AWS Costs & Enables Cloud Computing in Healthcare with ParkMyCloud appeared first on HIPAA Journal.