Abstract Seafoam Grid

Elara Caring Delivers Exceptional Patient Care and a Streamlined Employee Experience

Company Overview

Industry: Healthcare
Location:
Dallas, TX
Protected Mailboxes:
8,000

Elara Caring Customer Story Summary

Phishing for Patient Data Among Healthcare Providers

Credential phishing scammers target healthcare organizations for patient data. The resulting data breaches are the costliest of any industry—$9.23 million on average in 2021, up 29.5% from 2020 per the Ponemon Institute.

Since deployment, Abnormal has prevented hundreds of credential phishing attacks, resulting in zero compromised accounts, to date.

Prioritizing Exceptional Patient Care and Seamless Security

As one of the largest home care providers in the United States, Elara Caring serves patients with skilled nursing, behavioral health, palliative, hospice, and personal care services. “Patients and families usually prefer home healthcare because they don’t have to go somewhere unfamiliar. They’re more comfortable and can heal faster at home,” states Eric Bowerman, Chief Information Security Officer. “Easier access drives our mission to be a single source of holistic home care.”

To serve 60,000+ patients across 16 states, Elara Caring navigates a mosaic of state and federal data privacy regulations, including HIPAA. Elara Caring also operates in a competitive talent market. “The healthcare industry has significant turnover, and outdated technology can interfere with a good employee experience. On the cybersecurity team, we have the opportunity to make security more seamless, which can make work less stressful and more enjoyable,” Bowerman said. For example, email security that stops phishing emails reliably spares employees from the stress of assessing and reporting potential threats.

Healthcare has the highest data breach costs of any industry, according to the Ponemon Institute. According to the 2022 Healthcare Information and Management Systems Society report, phishing caused 45% of significant security incidents over the last year. When Bowerman joined Elara Caring as its CISO in mid-2021, he saw employees struggle to sort authentic messages from email attacks, showcasing how this threat was impacting the company. He knew there was a better solution to protect patient data and improve the employee experience.

“For our clinical professionals in the field, Abnormal reduces the number of daily questionable email interactions, so they’re free to focus their attention on quality patient care instead of worrying about getting phished.”
—Eric Bowerman, Chief Information Security Officer

Elara Caring Needed Stronger Safeguards To Support Caregivers and Protect Patient Data

“Most of the security applications and tools we’ve acquired focus on making it easier for our caregivers in the field to care for our patients,” Bowerman said. “Our goal is to reduce stress for our field users, like worrying if it’s safe to click on an email they’ve received.”

Microsoft 365 email security caught basic threats, but the company’s secure email gateway was letting advanced threats reach employee mailboxes. “When we added Abnormal Integrated Cloud Email Security (ICES), we liked the fact that it blocked the advanced threats that were trying to phish someone’s credentials or money,” Bowerman said.

Abnormal ICES also solved another employee experience problem for Elara Caring. “Our secure email gateway delivered a digest every six hours. In some cases, employees needed to get one-time passwords via email to access systems in the field. Those passwords are usually only good for a short time and there was no way to release those messages faster. Now, they can manage that access themselves, so it’s a better, more efficient experience.”

Less Stress for Employees, Executives, and the Security Team

The inbox security improvements that Abnormal delivered also helped reduce executive leadership worries about data breaches that could expose patient data and lead to expensive regulatory penalties and remediation costs. “We are required to comply with HIPAA data protection rules, and protecting our patients’ information is always a top priority,” Bowerman said. “Abnormal helps us do that.”

While credential phishing accounted for half of the advanced threats detected by Abnormal, ICES also detected attempts to trick the payroll team into diverting paychecks to fraudsters’ accounts, and business email compromise attacks that impersonated company leaders. “With hundreds of attacks stopped by Abnormal within the first 90 days alone, I no longer worry about our people clicking on the wrong thing or corresponding with a threat actor,” Bowerman said.

Elara Caring Customer Story Stats

Elara Caring Is More Efficient and Maintains Compliance With Abnormal ICES

When Bowerman and his team saw how many threats Abnormal found that their other layers of email security had missed, it was a lightbulb moment. “We were ready to turn it on the next day. Abnormal provided a simple setup and ease of use that was a huge value to our operations staff because we don’t have time for a week of training for a new email security solution.” Abnormal also freed Bowerman’s team to decommission their secure email gateway, which saves money in the long run.

Abnormal ICES has reduced employees’ stress about their inboxes, improving their caregiving experience to support retention. “It also saves time,” Bowerman said. “Before, employees had to report each suspicious email. Even five minutes a day is 25 or 30 wasted minutes a week per inbox. Now our caregivers can focus on their work, not distractions.”

With Abnormal, Elara Caring is better protected from expensive, trust-breaking data breaches, payroll fraud, and ransomware attacks, so the company is also less vulnerable to data privacy compliance violations. “That’s critical to the executive leadership team and the day-to-day work experience,” Bowerman stated. “The threat from phishing was always in our face. Now it’s solved with Abnormal’s dependable solution.”

“Being able to fully protect our executives and all of our employees with Abnormal Integrated Cloud Email Security has been a huge win in terms of security, efficiency, and email user experience.”
—Eric Bowerman, Chief Information Security Officer

Abnormal Enables Elara Caring To Focus On Patient Care and Data Privacy

With Abnormal ICES catching advanced threats that evade traditional secure email gateways, everyone from front-line caregivers to the executive team worries less about email’s potential impact on patient care. “I feel confident now with Microsoft Defender, Abnormal ICES, and good endpoint security,” Bowerman said.

He’s also confident that Abnormal will help him reach his employee and patient experience goals. “I can get a product from anybody. I need a partner we can trust to do the right thing for us. That’s the experience we’ve had with Abnormal.”

Let us show you how Abnormal can help keep your organization safe from advanced email attacks. Request a demo today!

Demo 2x 1

See the Abnormal Solution to the Email Security Problem

Protect your organization from the attacks that matter most with Abnormal Integrated Cloud Email Security.

Related Resources

B 06 01 22 Gone Phishing
In this webinar, Graham Cluley, cybersecurity expert and host of the Smashing Security podcast, and Abnormal Security CISO Mike Britton discuss the latest in phishing attacks.
Watch Now
B 04 08 22 Digital Everything Customer Story
Upon integration with Abnormal, a Fortune Global 500 financial services organization learned that not only had 11,000+ advanced email attacks per month been bypassing its secure email gateway but more than 70 of its vendors had compromised accounts.
Read More
B 03 21 22 CSC Customer Story
While CSC Generation has robust security measures in place, unfortunately, the same couldn't be said for their vendors. To mitigate the risk of payment fraud via compromised vendor accounts, the organization added Abnormal to their security stack and the results spoke for themselves.
Read More
B 04 14 22 CISCO Guide to Phishing
Because phishing emails target human behavior, create a sense of urgency, and appear to come from trusted senders, they can be incredibly difficult to detect. Stopping them before they reach employee inboxes is the key to staying safe.
Download Now
H1 threat report cover
From June-December 2021, Abnormal Security discovered that nearly all types of advanced email attacks grew in frequency, with a new trend of phone fraud using email as the first contact.
Download Now
Everise case study cover
By mid-2021, Everise had more than 11,000 employees to meet new demand for outsourced services. But the shift to remote work brought new email security risks. “Our people are good at what they do, but they’re not email security specialists, and attackers know that."
Read More
Resource 03 COATS
With Abnormal ICES layered over Microsoft Defender, Coats employees are free to focus on continuing the company’s 250-year tradition of innovation, rather than sorting through emails and trying to assess the risks.
Read More
Webinar phish soc cover
Most people believe that the SOC is on the front lines, defending the castles against the forces of darkness. And while that’s true, it’s never quite as heroic as we’d like it to be.
Watch Now
Fireside chat katz cover
Legitimate email communications often contain links and attachments, and employees need to click on those links and attachments to do their jobs. Unfortunately, securing the enterprise often means stopping employees from doing so in an effort to stop bad actors from gaining access to systems or stealing money.
Watch Now
Fortune 200 wealth cover
As a leader in insurance and asset management, this Fortune 200 company recognizes that its security must protect its employees and customers from cyber attacks. Customers place their trust and their assets in the control of this company, so the security team built a robust solution reducing risk, gaining visibility, and securing user identity—the new perimeter.
Read More
Gateway church cover
Gateway chose Abnormal Security because of its uncompromising approach to prevent the email attacks that matter most. In the two years since they've deployed Abnormal, Gateway has not experienced a successful advanced email attack.
Read More
Human element whitepaper cover
The challenge of dealing with cybercrime is complex. Human factors and the human-computer interface are a central component of cybersecurity, and while technology alone will not prevent cybercrime, neither will people. People alone also can also not be relied upon as a last line of defense in an organization’s cybersecurity strategy.
Download Now
Human element webinar cover 2
Cybersecurity is largely a behavioral concern, as cybercriminals use social engineering to trick people into transferring money, entering their credentials, or providing access to sensitive data.
Watch Now
Key considerations webinar cover
Email is both a necessary communication medium, and the most vulnerable area for an attack. Year after year, adversaries find success in abusing email to gain a foothold into an organization—deploying malware, leaking valuable data, or stealing millions of dollars.
Watch Now
B Gartner Highlights 1
The Gartner Market Guide for Email Security explains what integrated cloud email security (ICES) solutions are and why they’re essential for modern enterprises. Download a copy now to learn why enterprises are moving away from the SEG.
Read More