Since 2006, Solothurner Spitäler AG has been an integral part of a non-profit corporation, overseeing the public hospitals in Switzerland's canton of Solothurn. Despite facing the formidable challenges posed by the pandemic and a shortage of skilled workers, this venerable institution, with roots dating back to the 15th century, continues to provide top-notch healthcare to the population of Solothurn. Bolstered by a dedicated workforce of over 4,200 employees, the facility remains steadfast in delivering the highest level of care to the community.
Given the rising prevalence of ransomware attacks targeting healthcare facilities across Europe, the utmost importance lies in securing the IT infrastructure of hospitals. Of significant criticality is the effective patch management of the 430 servers, a responsibility largely entrusted to Michel Schmid and Yanick Häuptli. Their diligent efforts play a fundamental role in fortifying the hospital's defense against cyber threats, ensuring secure and uninterrupted operation amidst an increasingly challenging digital landscape.
Why the Solothurn hospitals urgently needed a new patch management solution
Initially relying on WSUS, the hospitals embraced an on-premise patch management solution in 2017-2018, led by a proactive IT manager. He introduced essential Powershell scripts from his previous role, but their frequent adaptation and updates challenged the team. Troubles escalated when an update of the prior solution rendered the scripts ineffective. The only remaining option would have been to work with the Rest API. However, the complexity of documentation would have become too overwhelming for non-patching colleagues. Subsequently, the team set out to explore user-friendly cloud-based alternatives, seeking an optimal solution for their patching needs.
How did NinjaOne convince?
Solothurn hospitals employ a structured server patching process, organized into bronze, silver, and gold groups based on internal SLAs. The gold group houses the most critical servers, while the other two groups accommodate less critical ones. Patch deployments occur during the second, third, and fourth weeks of the month. A prudent practice involves testing patches on less critical groups first before implementing them on the most crucial servers, ensuring a methodical and risk-aware approach to server patching.
"In addition to the unsatisfactory usability of our prior on-premise solution, there was another disruptive factor: the patch scans and the patch installation are not cleanly separated."
Dealing with Microsoft's off-schedule patches could pose issues in the prior patch management solution, particularly with automated scans before scheduled installations. This can inadvertently include untested patches in the critical server group, potentially leading to disruptions or interruptions. To address this, one must either increase manual monitoring or accept the risk. Recognizing this crucial requirement, the choice of a tool like NinjaOne ensures a clear separation between patch scans and installations, mitigating risks and providing a more reliable approach to patch management.
"Thanks to the intuitive NinjaOne user interface and the robust Windows server patching, we were able to reduce our workload by 22%," says Michel Schmid, who has been working in IT for the Solothurn hospitals for 20 years, after a few calculations.
While intuitive operation and scan-deployment separation are essential, NinjaOne went above and beyond in meeting other critical requirements, outshining competitors like Topia Vicarius and PatchManager Plus. Michel and Yanick were particularly impressed by NinjaOne's seamless connection to a WSUS server, granular patch classification, option to deactivate specific software updates, and efficient patch management group mapping within policy management. Their comprehensive decision matrix awarded NinjaOne an impressive score of 96.3%, solidifying its position as the ultimate choice for their patch management needs.
"When migrating to Ninja, we found that some of the 430 servers hadn't been patched in months," recalls Yanick.
With invaluable assistance from NinjaOne support, the implementation was seamlessly accomplished within a month. Today, after a year, the IT managers remain confident that choosing NinjaOne was undoubtedly the right decision. The platform's enduring reliability and efficiency have reinforced their satisfaction with the choice made, further solidifying the positive impact of NinjaOne on their IT operations.