ScienceLogic: Mike, what’s your background working with network and management system tools?

Mike Lawson: Before joining Apptis, I worked for the Air Force, mainly in satellite communications for almost nine years. I’m probably most familiar with HP OpenView and BMC Remedy. I managed a team that used them but wasn’t involved in tool selection; like many other federal IT workers, we didn’t have a choice of tools because there were existing enterprise licenses and maintenance contracts.

I also saw a large systems integrator do a full Remedy/Crystal Systems/OpenView installation. It took 6 weeks to stand up and customize to meet just the basic monitoring requirements, and it cost something like half a million dollars. At the time, I thought that wasn’t bad and was a pretty typical experience.

ScienceLogic: Coming from where you did, what’s your take on EM7?

Mike Lawson: Honestly, I didn’t believe that EM7 could really do all that it claimed. In many ways, it was the complete opposite of what I had seen first-hand with other monitoring solutions. Could it really cover that much functionality? At relatively much lower cost to the customer and without the licensing nightmare?

That quickly changed when I needed to understand the system enough to run it at a customer’s site. I went back over the training docs I received during my initial training class and jumped in; now, 6 months later, I’m the EM7 expert and can tell you that it delivers on all those promises. (But I still need to show people to get them to believe it too)

I preach the “EM7 gospel” and when anyone wants to talk monitoring, I ask about the universal pain points: cost, maintenance contracts and licensing, and then I explain EM7. The cost difference is real; the solution is based on capacity, so there’s no licensing and it’s easy to use. They are shocked to learn that they can buy multiple EM7 appliances and years of maintenance for what they paid for most other tools.

ScienceLogic: Apptis won the contract for monitoring aboard the USNS Mercy. We love that you’re using EM7 for one of the Navy’s hospital ships. Can you tell us more?

Mike Lawson: The USNS Mercy is a Military Sealift Command hospital ship. Some stats:

• 849 feet long (nearly the size of a football field)
• 12 fully-equipped operating rooms, a 1,000 bed hospital facility, digital radiological services, a diagnostic and clinical laboratory, a pharmacy, an optometry lab, a CAT scan and two oxygen producing plants
• Crew: 61 civilian mariners, 956 Naval medical staff, and 259 Naval support staff

The USNS recently departed on a five-month humanitarian mission in the Western Pacific and Southeast Asia in support of Pacific Partnership 2008. The partnership provides international medical, dental and engineering teams this summer to provide humanitarian support and conduct joint, combined, and cooperative Civil-Military Operations in order to improve regional stability and build partner capacity to respond to natural disasters and pandemic.

For the most part, the ship’s network is self-contained, but can also use a landline when docked. The network covers 400 devices, including Windows/Exchange servers and VMware for server virtualization. Prior to using EM7, none of the monitoring was integrated; each system was independently monitored through individual vendor-specific consoles.

Out of the box, EM7 provided integrated systems, application and network management for all network gear, applications and virtual machines in one solution. We didn’t have to do a lot of customization – EM7 includes best-practice based thresholds, event and monitoring templates and this covered what USNS Mercy needed to monitor.

ScienceLogic: You’re a systems integrator with a very useful “customer point of view” when it comes to looking at tools. From that perspective, can you share what you think are the biggest benefits that EM7 provides?

Mike Lawson: First of all, EM7 stands up right away. We’re talking days, not weeks. In contrast to the lengthy installation of OpenView and Remedy I witnessed during my military career, I was able to configure, customize, and implement the EM7 solution for the USNS Mercy in three days.

Second, it’s easy to train people on and the support is outstanding. This judgment is from first-hand experience. Right before the USNS Mercy departed on its latest voyage, the system administrator I had trained on EM7 left, so I had all of a day to train some new EM7 admins. I prepared a seven-page “cheat sheet” and over a 3-hour conference call, we walked through the entire EM7 solution; I haven’t gotten a support call since.

And when a problem did crop up with a device being discovered incorrectly, ScienceLogic was very responsive. We contacted ScienceLogic support on a Saturday and they created and emailed us a video to help troubleshoot the same day. Within 30 seconds of watching the video, the problem was resolved.

Finally, EM7 helps us be good stewards of the government’s money. This is very important to me personally and to Apptis as a company. Because EM7 is cheaper and deploys so quickly and easily, you might think that it’s just the opposite of what a system integrator would want to use. But that’s short-term thinking. We believe in deliver the most value for customers every time. It’s what creates trust and long-term relationships with our customers. Instead of that half million spent on standing up the solution and basic setup, I’d much rather (and I know the customer would rather) spend that on fine-tuning or extending the solution to do much, much more.

As a former government employee, I know what it’s like to use a tool that doesn’t fit my needs. EM7 proves that the best solution can totally break the old model of costly, lengthy installations. EM7 has the right model: the right solution and the right price delivered as an appliance that is easy to deploy, train on and use.

ShareThis

People ask why do you blog?  In the final analysis I blog because I like to. Every once in a while though you get a comment from a reader that reminds you why it is all worth while.  Here is one I received today from a person alleging to be a Julie Peterson:

Julie Peterson commented on Safe Access wins SC Magazine Award Reader Trust Award, again!:

Dressed in a tuxedo and chewing those rubber chicken breasts at the award ceremony is your idea of fun? Aren't you the same mentally retarded idiot who said in 2007 that you hated SC awards and that anyone can buy the SC awards with a sponsorship? Why do you think people give over $10k as sponsorship for the SC awards? Who is watching the awards except other vendors? By the way you suck big time with your rubbish blogs. Didn't networld magazine give you the boot within 3 months? Think before you write Mr. mental. Well done on winning, but please, dont give the impression that you cant buy an award from SC! And don't forget to eat your medication pills tonight, otherwise from your hair it is obvious you ran away from a mental hospital.

First of all Julie, let me thank you for your kind words! You made the statement and let me answer your questions for you.

1. Is dressing in a tuxedo and chewing rubber chicken breasts my idea of fun?  Actually, I do enjoy dressing up in a tuxedo once in a while.  The food at the awards ceremony was actually pretty good, if not diet friendly, as were the cocktails.  The entertainment at the awards show was pretty good as well. Catching up with friends you had not seen for a while and networking with industry peers was pretty worthwhile too.  Maybe your idea of a good time is putting on a bowling shirt and swilling a couple of beers and pretzels before going home and undressing into your dirty ripped underwear. Hey I say to each his own.

2. I am not the idiot who in 2007 said that I hated the SC awards and that anyone can buy the SC awards with a sponsorship.  I am the idiot who said that about the InfoSec Products Guide award by the folks at Silicon Valley Communications.  In contrast I have always said nice things about the SC awards. I actually have a lot of respect for them.  Also for the record, StillSecure has never been a sponsor of the SC Magazine awards. I have seen sponsors who did not win awards as well.  So looks like you got that one wrong Julie, but it happens.

3. ???Networld??? magazine didn???t give me the boot within 3 months.  They never had the chance, as I never wrote for ???networld, network world or any other magazine. Maybe you have me confused with Mike Rothman or Mitchell Ashley, who do and did write for Network World. But let me assure you that I do try and think before I write.

4. Regarding what medication pills I take and does my hair make it obvious I ran away from a mental hospital. I don???t take any medication, maybe I should.  Better living through chemistry you know ;-)  As to my hair, what can I say.  At this stage I am happy I have any hair at all.  My wife always says when I get my haircut it looks like a Buzz Lightyear style, but no one ever mentioned a mental hospital look to it.  In any event sorry it doesn???t appeal to you.

So who is this troll Julie Peterson?  Could it be Richard Stiennon in drag?  Maybe his wife striking out?  Maybe another one of my fans?  Who knows, but these sort of comments keep me juiced about blogging and remind me of how much fun I have doing it.  Thanks again Julie!

People ask why do you blog?  In the final analysis I blog because I like to. Every once in a while though you get a comment from a reader that reminds you why it is all worth while.  Here is one I received today from a person alleging to be a Julie Peterson:

Julie Peterson commented on Safe Access wins SC Magazine Award Reader Trust Award, again!:

Dressed in a tuxedo and chewing those rubber chicken breasts at the award ceremony is your idea of fun? Aren't you the same mentally retarded idiot who said in 2007 that you hated SC awards and that anyone can buy the SC awards with a sponsorship? Why do you think people give over $10k as sponsorship for the SC awards? Who is watching the awards except other vendors? By the way you suck big time with your rubbish blogs. Didn't networld magazine give you the boot within 3 months? Think before you write Mr. mental. Well done on winning, but please, dont give the impression that you cant buy an award from SC! And don't forget to eat your medication pills tonight, otherwise from your hair it is obvious you ran away from a mental hospital.

First of all Julie, let me thank you for your kind words! You made the statement and let me answer your questions for you.

1. Is dressing in a tuxedo and chewing rubber chicken breasts my idea of fun?  Actually, I do enjoy dressing up in a tuxedo once in a while.  The food at the awards ceremony was actually pretty good, if not diet friendly, as were the cocktails.  The entertainment at the awards show was pretty good as well. Catching up with friends you had not seen for a while and networking with industry peers was pretty worthwhile too.  Maybe your idea of a good time is putting on a bowling shirt and swilling a couple of beers and pretzels before going home and undressing into your dirty ripped underwear. Hey I say to each his own.

2. I am not the idiot who in 2007 said that I hated the SC awards and that anyone can buy the SC awards with a sponsorship.  I am the idiot who said that about the InfoSec Products Guide award by the folks at Silicon Valley Communications.  In contrast I have always said nice things about the SC awards. I actually have a lot of respect for them.  Also for the record, StillSecure has never been a sponsor of the SC Magazine awards. I have seen sponsors who did not win awards as well.  So looks like you got that one wrong Julie, but it happens.

3. “Networld” magazine didn’t give me the boot within 3 months.  They never had the chance, as I never wrote for “networld, network world or any other magazine. Maybe you have me confused with Mike Rothman or Mitchell Ashley, who do and did write for Network World. But let me assure you that I do try and think before I write.

4. Regarding what medication pills I take and does my hair make it obvious I ran away from a mental hospital. I don’t take any medication, maybe I should.  Better living through chemistry you know ;-)  As to my hair, what can I say.  At this stage I am happy I have any hair at all.  My wife always says when I get my haircut it looks like a Buzz Lightyear style, but no one ever mentioned a mental hospital look to it.  In any event sorry it doesn’t appeal to you.

So who is this troll Julie Peterson?  Could it be Richard Stiennon in drag?  Maybe his wife striking out?  Maybe another one of my fans?  Who knows, but these sort of comments keep me juiced about blogging and remind me of how much fun I have doing it.  Thanks again Julie!

One of the things that I have always not understood about HIPAA is what teeth do these regulations have and who is going to enforce them.  There are plenty of firms willing to take your money and rubber stamp you HIPAA compliant, but who is going to say your not HIPAA compliant and why should you care. Finally reading this article in Security Bytes it looks like the federal government has stepped up to enforce HIPAA and have put some bite behind the bark. Providence Health in Seattle was fined 100k by US Department of Heath and Human Services for losing data containing patients information. 

I say good for the HHS!  A few well publicized fines where people had to pay real money will go further in getting people to take HIPAA seriously than all of the other dog barking and warnings that have taken place to date.  The same goes for other regulations and statues on compliance as well.  Lets hear about some financial sanctions or penalties around PCI and you will see a drastic rise in compliance there as well.  Rules and regulations without enforcement serve no purpose at all and hurt more than they help.

One of the things that I have always not understood about HIPAA is what teeth do these regulations have and who is going to enforce them.  There are plenty of firms willing to take your money and rubber stamp you HIPAA compliant, but who is going to say your not HIPAA compliant and why should you care. Finally reading this article in Security Bytes it looks like the federal government has stepped up to enforce HIPAA and have put some bite behind the bark. Providence Health in Seattle was fined 100k by US Department of Heath and Human Services for losing data containing patients information. 

I say good for the HHS!  A few well publicized fines where people had to pay real money will go further in getting people to take HIPAA seriously than all of the other dog barking and warnings that have taken place to date.  The same goes for other regulations and statues on compliance as well.  Lets hear about some financial sanctions or penalties around PCI and you will see a drastic rise in compliance there as well.  Rules and regulations without enforcement serve no purpose at all and hurt more than they help.

The complainant was a nurse at a Finnish hospital, and also HIV-positive. Word of her condition spread among colleagues, and her contract was not renewed. The hospital’s access controls were not sufficient to prevent colleages accessing her record, and its audit trail was not sufficient to determine who had compromised her privacy. The court’s view was that health care staff who are not involved in the care of a patient must be unable to access that patient’s electronic medical record: “What is required in this connection is practical and effective protection to exclude any possibility of unauthorised access occurring in the first place.” (Press coverage here.)

A “practical and effective” protection test in European law will bind engineering, law and policy much more tightly together. And it will have wide consequences. Privacy compaigners, for example, can now argue strongly that the NHS Care Records service is illegal. And what will be the further consequences for the Transformational Government initiative - the “Database State”?

The Sopranokovs 

The Russian mob comes to town with a new scam—medical identity theft. 

When FBI special agent Ted Price peered through the window of a dingy brick storefront on Southwest Morrison Street in March, it was what he didn’t see that caught his attention. 

The business, called UnimedCorner, claimed to provide ailing seniors with orthotics—braces and other devices to correct foot, joint and back problems. 

Price and other federal investigators were skeptical. 

On Unimed’s showroom floor, Price saw wheelchairs, motorized scooters, a variety of canes and, on the walls, a selection of amateurish paintings and framed photographs. There was no evidence, however, of the kinds of equipment for which Unimed had billed Medicare nearly $2 million in the previous couple of months. 

“I observed wheelchairs and canes through the window but did not see any orthotics in the store,” Price later wrote in a search-warrant affidavit. “It is a sign of fraud that the store is not stocking the items [for which] it is billing.” 

By the time Price arrived on the scene, the company’s owner, a shadowy Russian immigrant named Alexandr Shcherbakov, was long gone. 

Today, Shcherbakov’s store sits undisturbed. The message light on the phone blinks, dead potted plants droop and a stuffed toy monkey slumps in a glass display case. 

And behind the cash register hangs a framed poster of television’s best-known mobsters, the Sopranos. 

From interviews and information presented in federal affidavits, it is clear Shcherbakov moved to Oregon to commit a crime elegant and lucrative enough to make Tony Soprano envious: medical identity theft. 

... 

“Medical identity theft is the new frontier for organized crime,” says Alex Johnson, a former FBI agent who investigates fraud for Regence BlueShield. “Pretty much anybody can set up a mom-and-pop operation and start cranking out claims.” Someday, most Americans will need a cane, wheelchair, home hospital bed or another of the items healthcare professionals call “durable medical equipment,” or DME. 

For those over 64 and without private insurance, there’s a good chance federally funded Medicare will pick up the tab for that equipment. Last year, according to federal statistics, Medicare spent $8.6 billion on DME. 

Here’s the way the system is supposed to work: A doctor prescribes a device such as a wheelchair for a patient, who presents his prescription to a DME supplier. The supplier provides the equipment and bills Medicare, which typically pays 80 percent of the cost. Unlike pharmacists, who fill prescriptions under strict scrutiny of state and federal watchdogs, DME suppliers are lightly regulated. “DME is very vulnerable to fraud,” says Consuelo Woodhead, the chief healthcare fraud prosecutor for the U.S. Attorney’s Office in Los Angeles. “It doesn’t require any background in medicine, any kind of professional licensure or appreciable capital. 

There are barriers of entry in other medical fields, but not in DME.” To operate, DME suppliers simply need a place of business, a business license and liability insurance. Unlike pharmacists, DME suppliers operate under an honor system: The feds count on them to supply the equipment they claim to provide to the beneficiaries who need it. 

That honor system is not working. 

The epicenter of DME fraud, according to the federal Department of Health and Human Services, is South Florida, where Medicare billing for DME quadrupled from 2002 to 2006 to $1.7 billion. Investigators found much of that increase was due to fraud. In 2006, federal inspectors revoked the licenses of 634 DME suppliers in South Florida, nearly half the DME dealers in the region. 

Later the same year, raids in Southern California yielded similar results: The feds shut down 95 DME suppliers. Many of the DME suppliers shut down around Los Angeles were run by immigrants from the former Soviet Union. It’s probably no coincidence that when the feds raided Los Angeles DME suppliers, some Angelenos fled to cities where there was less scrutiny—such as Portland.