Elderly healthcare nonprofit Joris Zorg guards against cyberattacks with Microsoft Defender

In the Netherlands, Joris Zorg care providers help older people continue living at home as long as possible. When people can no longer safely stay at home, the nonprofit Joris Zorg runs homes and living facilities that emphasize independence, dignity, and, of course, health.

Care providers document data like blood pressure, refer to stored records such as diagnoses and prescriptions, and monitor smart camera feeds to respond when a client falls. The nonprofit takes its responsibility to protect personally identifiable information (PII) seriously, and it works to comply with Dutch and EU regulations. Further, it strives to steward staff data, such as contact information and passport records, that it must store for employees to do their job.

Unfortunately, in 2022 Joris Zorg experienced a hack of one of its on-premise servers. The affected data was primarily related to staff information, not patient details, and the nonprofit continued its care of older people while the IT team dealt with the attack. The incident led Joris Zorg to fully transition to the cloud, and it began working with Microsoft partner Wortell to deepen and manage its security. The nonprofit is using Microsoft Defender XDR and Microsoft Sentinel to keep patient and staff data private, prevent future cyberattacks, and free up its staff to focus on what really matters.

“Healthcare is our number one priority,” says Paul Verlaek, Information Manager at Joris Zorg. “We need security to just work so we can focus on caring for people.”

Monitoring and responding to threats 24/7

Joris Zorg caregivers look after older people around the clock, 365 days a year. Unfortunately, bad actors do not take days off, either. “We’ve learned that hackers often attack on holidays, evenings, and weekends. In fact, we were hacked on Christmas Eve,” Verlaek says. “It’s nice to know that Defender works all the time, 24/7.”

While Joris Zorg had already activated Defender, Wortell executed a security audit. “We updated Joris Zorg’s security practices to align to Microsoft best practices, so now they are even safer,” says Layla Jongerius, Account Manager at Wortell. She estimates that Defender automated protections block about three-quarters of attacks across identities, mailboxes, team environments, and devices, and Wortell experts repel the remainder.

Joris Zorg IT staff receive alerts of suspicious activity or security incidents, as well as the response to the attempts. For example, Defender recently blocked an unauthorized login from overseas and locked the associated account. Wortell worked with the affected employee to quickly reactivate their account and continue their work with minimal interruption.

Joris Zorg has enlisted Wortell’s managed detection and response (MDR) services to lead its security. With an IT department of just four people servicing more than 500 employees, the nonprofit did not have the resources to become security experts and keep up with the field’s constant changes. “It’s good to have a partner in Wortell that has the knowledge and expertise in Microsoft Defender products,” Verlaek says.

Both Joris Zorg and Wortell have access to the unified Defender dashboard, which provides real-time monitoring of the nonprofit’s cloud infrastructure and endpoints. Wortell experts stay in frequent contact with Joris Zorg IT managers, and their always-on staff quickly isolate any malicious activity.

Time is of the essence during a security incident. During the 2022 hack Joris Zorg experienced, criminals gained access to about 90 GB of data over several hours. “Had we had the MDR solution in that moment, then we probably would have lost only 100 MB or nothing,” Verlaek estimates. The immediate response from Microsoft Defender and Wortell limits the potential risk of future attacks, he adds. “It gives us a safe feeling so we can sleep well.”

Enabling reliable patient care

Joris Zorg was in the process of migrating to the cloud migration during the 2022 hack of its on-premise server. The attack accelerated the modernization of its IT infrastructure. “We’re embracing the Microsoft cloud and all its possibilities,” Verlaek says.

With many employees who are not confident with technology, the nonprofit prioritized easy-to-use Microsoft 365 SaaS applications and security processes. Multifactor authentication (MFA) through Microsoft Entra enables staff to log in just once to use all their apps while protecting the nonprofit from breaches through stolen or lost credentials. “Security has to work without getting in the way of workers’ jobs, making their work as easy as possible and as safe as possible,” Jongerius says.

Ease of use, plus the confidence security protections offer, enable staff to focus on helping people who need a hand, Verlaek says. That security sets the stage for what comes next.

“Now that Joris Zorg has a safe base, it can look forward to more innovative solutions,” Jongerius says. Whether that includes AI or leveraging productivity apps in new ways, the nonprofit will continue to emphasize the highest level of care for older people.

Certainly no one wants to experience a hack, but Verlaek hopes that Joris Zorg’s example can inspire other nonprofits to prioritize security now—before a cyberattack. He says, “To healthcare organizations, please choose the Defender Suite.”

Find out more about Joris Zorg on Facebook and LinkedIn.