Bookmark and Share

ECLIPSE, Remote Desktop & The Cloud

So… you want instant access to your ECLIPSE data from anywhere? And you don’t want to concern yourself with hackers who can steal or ransom your data? Or ISP bandwidth issues that can slow your system to a crawl?

Suppose you could inexpensively leverage the cloud from your own computer system? And all you needed was a decent internet connection to your office?

Perhaps you should begin accessing your patient data the same way we access our own client data! We use Microsoft Windows Remote Desktop (RDP). In fact, if a sales rep in Oklahoma, a software developer in New York, or a customer service rep in Indiana need to access information about your practice, that’s how they look up your records. The server is physically located in our building in Brooksville, Florida.

  • Remote Desktop allows you to access your own office server across the internet from virtually any computer (Windows, Mac , Android, iPad) anywhere — which means you *are* in the cloud!
  • Remote Desktop is very fast. Why? Two basic reasons:
    1. First, the only information that moves back & forth is the screen image & your keyboard or mouse input. You’re not moving data back & forth between a remote cloud server & your computer.
    2. Next, Remote Desktop is only limited by your connection speed. When you use software hosted in the cloud (on a remote server), you’re sharing that server and subject to its bandwidth limitations. What does that mean? You’re sharing that cloud server with lots of other people during the day. And all of you want data from it simultaneously! Also, your local network speed is likely to be much, much faster than your internet connection.
  • Remote Desktop is not a typical hacking target (see more about this below). Server farms & large, shared remote databases present front & center targets to hackers… and the results are in the news with great regularity. In fact, it’s no longer news when a large healthcare entity gets hacked — but the HIPAA fines are real enough.
  • Remote Desktop is much less expensive to own & run in the long run.
  • None of this would have any impact on your ECLIPSE fees. If you have further questions, please call 352.488.0081 & speak with the Help Desk.

Myths

  • Companies that sell “cloud” services like to tell you that the cost of maintaining your existing computer system and/or network will change. Not true! Whether you have one or more computers, your devices — including things like printers & scanners — must be connected to one another and/or the internet. You’re likely to discover you’re using exactly the same computer system you’ve always used — even if you’re practically paperless.
  • Some may tell you that Remote Desktop is not secure. Sure… if it isn’t setup properly, it’s not secure — just like everything else connected to the internet. However, there are a variety of ways to provide much better security without the compromises of cloud based systems (see below).

Facts

With a cloud system, you are entrusting security to your software vendor and… their hosting service and… one or more physical locations that contain the computer servers where your information actually resides. You can click here to read one example of what happens when things go wrong. If *your* patient data had been on Code Spaces’ servers, it would be gone, along with all your backups! And then there are companies that simply go out of business, like this one here, with little notice & no way to get your data back. No data. No backups. No patient information. No billing. These types of problems have become ubiquitous in recent years.

Alternatives to Remote Desktop

  • Multiple companies offer a hosted option for ECLIPSE. You can find links to companies like DataHealth & AriTec on our website by clicking here.
  • Use programs like LogMeIn for remote access.
  • ECLIPSE EHR Cloud® (EEC) is subscription based (no upfront costs, no contracts, no cancellation fees) and can be accessed via any browser (e.g. Safari, Chrome, Edge) on any device (e.g. tablet, laptop, desktop) using any OS (e.g. Android, Apple, Windows). Visit & log in here. Read the FAQ here. The new cloud based system offers advantages over every other cloud based system available. “How can that be” you ask? It takes advantage of multiple technologies that simply didn’t exist just a few years ago:
    • WebAssembly (Wasm). A consortium including Microsoft, Google, & Apple recently developed Wasm & every major browser now supports this technology. Wasm enables high-performance applications on web pages. The only technology that supports Wasm wasn’t formally released until May 2020. What does this mean to you? EEC should run faster in any browser!
    • Blazor. This new Microsoft environment allows developers to fine tune performance as we balance what happens on your computer vs. our cloud servers. What does this mean to you? EEC will cost less & run faster!
    • NoSQL. SQL, the database technology used in > 80% of products, is vintage IBM & dates back to the 1970’s! A new paradigm is now in use by large companies ranging from Adobe to ebay, Google to Verizon. New “document” oriented databases like mongoDB provide easier & faster views of some types of data. Again, what does this mean to you? EEC will run faster, reduce costs & be easier to update/extend!

Keeping Remote Desktop Secure (recommendations for computer professionals)

Any cloud system is vulnerable to numerous threats, as well as problems that would never occur to you. Here are some tips & guidelines to help you secure your Remote Desktop installation through layered controls without setting up slow-performing VPN’s:

  • Disable any RDP connection to the internet. This helps reduce the risk of hackers scanning your network and limits your susceptibility to brute force attacks.
  • Change the default listening port from 3389.
  • Update and apply patches regularly.
  • Enable complex passwords and a conservative account lockout policy. (Consider customizing a more stringent policy for RDP.)
  • Configure multi-factor authentication (MFA).
  • Limit and reduce access via RDP and consider disabling all administrative access via RDP.
  • Enable logging and monitoring capabilities to alert personnel of suspicious activity.
  • Ensure self-signed certificates are in place.
  • Enable the following on workstations and servers that use RDP: Network Level Authentication, TLS 1.2 and FIPS compliance.