|MSP, IT provider
|Help clients meet HIPAA compliance reqs
Axigent needed a SIEM that was easy to set up and sell to healthcare clients so that they meet HIPAA compliance for log monitoring and retention.
With Blumira, Axigent can offer their customers an all-in-one SIEM solution that meets HIPAA requirements for monitoring, log review, detection, and data retention.
Blumira helps us check that box for customers for HIPAA compliance. Cyber insurance and PCI DSS also require log monitoring and retention. There will be a day that something happens, but if you’ve at least got the logs; taken every step to document and prevent ransomware and a breach; if you’re doing everything you can – there’s no HIPAA fine or insurance rate hike. Security solutions may seem expensive, but they are still only a fraction of the cost it would be if you had to deal with a breach.
Established in 2003, Axigent Technologies Group provides managed IT services and solutions. From their headquarters in Amarillo, Texas and offices in the Dallas metroplex, they provide service and support to customers across Texas, Oklahoma, and New Mexico.
Axigent leverages partnerships with industry leaders including VMware, Cisco, DellEMC, and Microsoft to provide their customers with comprehensive business solutions in infrastructure virtualization, storage, network design, voice over IP deployment, and cloud services.
The team at Axigent has over 70 years of combined experience supporting a variety of vertical markets including healthcare, legal, and professional services. It is their mission to provide leading edge and reliable technology solutions along with unsurpassed customer service to all of their clients.
Axigent President and CEO David Doan started the company 20 years ago to provide IT services to small businesses that span a variety of industries, including medical, family medicine, specialty physicians, dental, neurologists, law firms, accounting firms, professional services, manufacturing, and many other types of businesses.
Axigent often provides 100% of their IT and security support, or as a co-managed model, with one to two in-house employees covering desktop support, end user and day-to-day tasks. Customers also use Axigent for the heavy lifting on the network and server management side. As a result, the Axigent team has a lot on their plate when it comes to managing both IT and security for their healthcare customers.
“Attackers aren’t going after the big companies anymore. They have large security teams with a lot of training and are very well-versed in keeping the bad people out,” Doan said. “Small businesses are a huge target.”
Many of their small business customers have limited budgets, but since they’re also mostly medical facilities, they are faced with the challenge of meeting HIPAA (Health Insurance Portability and Accountability Act) compliance. HIPAA is a data regulatory framework that healthcare providers must adhere to in order to keep protected health information (PHI) secure.
Two HIPAA requirements that Axigent customers need to check the box for include log retention and monitoring. HIPAA also requires healthcare organizations and their business associates to implement procedures to regularly review logs, as well as record and examine activity in systems with electronic PHI. Learn more about how Blumira helps fulfill HIPAA requirements.
While Axigent first attempted to use Perch Security (now acquired by ConnectWise), they found they had a very convoluted pricing model, and their solution was difficult to set up and get going.
“We had Perch deployed internally, but it was such a headache to set up and price out to sell to a customer. We would have to get their sales rep involved to sell it,” Doan said.
After attending an Exchange vendor expo event, the Axigent team found Blumira. They liked Blumira’s simple pricing model that gave them the most integrations and flexibility, while retaining logs for at least one year to help their clients easily meet HIPAA compliance requirements.
“With Perch, there wasn’t much support after the initial setup. With Blumira, I was getting check-ins regularly, with a lot of proactive help during deployment and from the support team,” Doan said.
Axigent easily got their internal deployment of Blumira set up and found Blumira to be helpful when it came time to roll out the solution to another customer. They took advantage of Blumira’s documentation, assistance, and responsive support.
“All of the documentation from Blumira is concise and well-written. We can give it to our guys and say, hey, follow this guide and you can get set up easily. We went from using a product with no support to a product with a ton of help with getting stuff rolled out.”
When it comes to the types of attacks they see, it comes down to what types of data attackers are going after when they target healthcare organizations.
“Attackers aren’t after medical records – they’re after the doctor that it came from, or your PII (personally identifiable information) or SSN (Social Security number). So many big places have been breached already. If they can get enough information about you, they can craft fake emails and fake texts to scam money out of you,” Doan said. “Most of the attacks we’ve seen so far are targeting users or user credentials to get more information about people.”
Axigent’s healthcare customers can now meet HIPAA compliance with Blumira’s log monitoring, regular recording of system activity, log-in monitoring and log data retention; all provided by Blumira’s all-in-one platform that combines SIEM, endpoint visibility and automated response into one solution.
“Blumira helps us check that box for customers for HIPAA compliance. Cyber insurance and PCI DSS also require log monitoring and retention. There will be a day that something happens, but if you’ve at least got the logs; taken every step to document and prevent ransomware and a breach; if you’re doing everything you can – there’s no HIPAA fine or insurance rate hike,” Doan said. “Security solutions may seem expensive, but they are still only a fraction of the cost it would be if you had to deal with a breach.”