Mar 30, 2021

How VITAS Healthcare’s Endpoint Management System Paid for Itself in Six Months

Largest hospice care provider in the U.S. turns to Tanium to dramatically streamline software updating and patching processes while uniting IT and security

By Michael Belfiore, Contributing Editor

The security of the devices used to support patients receiving end-of-life care and their loved ones is an ever-present challenge for hospice providers. In 2019, the IT department at VITAS Healthcare (pronounced VEE-tahs) reached out to Tanium to improve its ability to update software for more than 5,000 employee laptops and other devices.

VITAS is the largest hospice care provider in the United States, serving more than 19,000 patients — most of them at home — in 14 states and Washington, D.C.

By turning to the Tanium platform, VITAS was able to meet several key needs, including manual updates for all operating system upgrades (which could take as long as a year) and the ability to keep pace with monthly patching cycles; at the time, existing endpoint management tools took more than 30 days to patch.

Mitch Teichman, senior manager of client engineering at VITAS, described the transformation of VITAS’ endpoint software management process in a session at the Tanium Converge 2020 conference in November.

Seamless updating and remote patching

One of the key challenges faced by the VITAS IT department was updating its in-house electronic medical record (EMR) system to comply with ever-changing regulations. COVID-19’s arrival in early 2020 sped up the requirements for even faster updates.

The team needed tools that could keep pace with the rapid-fire changes, provide real-time feedback, and deliver required reporting for the team on these critical updates. Existing software updates were often slow and did not provide adequate data about completion.

Other factors presented challenges, too. Current VITAS endpoint management tools provided visibility only for devices when they were connected to a company virtual private network (VPN), a process that further slowed software updates and patching. Likewise, the VITAS security team used a different reporting tool, meaning both groups received “completely different numbers,” Teichman says.

“We were facing long patching cycles, typically over 30 days, which essentially means we were perpetually patching,” he explains.

These problems were compounded by services that require care providers to work at the bedsides of patients in their homes. Even more than other companies under lockdown, VITAS had to deal with widely diverse devices and connections into the corporate network from patients’ private homes, skilled care facilities, assisted living communities and the like.

You can also check out this video to hear how VITAS seamlessly transitioned to a fully distributed workforce when the COVID-19 pandemic struck.

Software deployments in less than 24 hours

Teichman recalls the anticipation of the first EMR system update deployed using Tanium.

“The EMR system is incredibly important to our business,” he explains. “So there were a lot of nerves around here.”

But the updates rolled out across the company’s network in less than 24 hours, Teichman says, giving the IT team visibility into nearly all of its endpoints, and allowing team members to track each stage of every update.

A dashboard showed which endpoints were currently downloading updates, which updates had completed and which devices were current.

Teichman appreciates the Tanium Platform’s ability to flag failed endpoint updates and the reasons why.

“This real-time visibility is a boon for the IT team and leadership,” he says. “It allows us to report right away about something vital to the business with accurate numbers.”

The VITAS IT team also caught up on software patching almost as quickly. The first patching cycle deployed and completed more than 60,000 overdue patches in just two days.

Since then, the VITAS IT team has cut from 30 days to 2 weeks the time needed for the ongoing patching process, aided by quicker updates if needed. The extra two-week time frame allows the quality assurance group to vet patches before they’re widely released.

As the system of record for the company’s endpoints, Tanium brings ongoing benefits to VITAS.

“We live in complete harmony when it comes to reporting to leadership with the security team,” Teichman says. “It’s a beautiful thing. The numbers we see are the same numbers they see.”

These days, Teichman and his team feel confident that VITAS devices are up to date and protected. That means the company’s hospice professionals and volunteers can look after patients without worrying about their laptops.

“Despite having people and their devices scattered across the country, Tanium makes endpoint management business as usual for us,” Teichman says.


Watch Teichman’s breakout session on the Converge 2020 website.