Outreach Health is a family-owned home care provider supporting patients across Texas and Arizona with in-home care, daily living assistance, and complex medical needs. Their caregivers, nurses, schedulers, and care coordinators all rely on cloud apps and web tools to keep patients safe and operations running smoothly. To protect patient data and keep workers productive, Outreach Health needed a secure web gateway (SWG) that “just works”—especially for a large, mostly remote workforce on shared devices and home networks.

They moved from Cisco Umbrella to dope.security’s endpoint-based Secure Web Gateway to simplify deployment, reduce false positives, and give IT a clear, intuitive view of web traffic and risk.

“It’s not just great, it’s dope.”
— Security Engineer, Outreach Health

‍

‍

The Challenge: A Legacy SWG Slowing Down Modern Care

With Cisco Umbrella in place, Outreach Health was protected on paper but in practice, it was causing daily friction for both IT and caregivers in 3 key areas.

1. Deployment Headaches

Rolling out protection to laptops and the remote employees was anything but simple.

• Multi-step configuration through DNS and network policies.
• Uniformed policy roll out to all users was a struggle
• Agents that behaved differently depending on the user’s location or Wi-Fi network.
  ‍

Impact: New hires sometimes waited days before receiving full, consistent web protection. IT had to maintain complex documentation just to keep deployments on track.

‍

2. False Positives Blocking Care

Umbrella’s policies often over-blocked websites that users legitimately needed:

• Patient education portals misclassified as “new/untrusted” sites.
• Online training platforms flagged under generic content categories.
• Telehealth and scheduling tools partially broken due to blocked sub-resources.
  ‍

Each false positive triggered a support ticket:

“Why can’t I open this training? I’m in a patient’s home and I need this now.”

IT would then dig through logs, inspect domains, and tweak rules, sometimes repeatedly for the same tools.

‍

Impact:

• Rising helpdesk volume and slower response times.
• Frustrated caregivers who just needed to do their jobs.
• Risk of delayed care when tools didn’t work in the moment.

‍

3. Subdomain “Whack-a-Mole”

Unblocking just one part of a website often required tracking down specific subdomains and CDNs.

Example: A patient portal hosted at portal.healthpartner.com pulled resources from

• cdn.portal.healthpartner.com
• auth.healthpartner.com
• analytics.thirdpartyvendor.com
  ‍

If any one of those was blocked, the page would partially fail. IT staff found themselves in a constant loop of:

1. Reproducing the issue.
2. Finding the exact subdomain in logs.
3. Creating granular allow rules.
4. Waiting to see if it actually fixed things.

‍

Impact:

• Slow resolution times for business-critical apps.
• Complex, brittle policy sets that were hard to maintain.

‍

‍

The Solution: dope.security’s Endpoint-Based SWG

Outreach Health replaced Cisco Umbrella with dope.security’s Fly Direct SWG, running directly on the endpoint instead of routing traffic back through a cloud proxy.

‍

1. Deployment in Days, Not Months

Using their existing MDM tools, Outreach Health silently deployed dope.security to their devices and immediately experienced:

• A single lightweight agent that works the same whether staff are at home, in a clinic, or on the road.
• No DNS gymnastics or complex network tunnels.
• Standard policies applied instantly based on user and device groups (e.g., “Field Nurses,” “Billing,” “IT Admins”).
  ‍

Within a week over 99% of their devices were secured with dope.security.

“We didn’t need a six-page deployment manual anymore. We pushed the agent, confirmed policies, and we were done.”

‍

2. Fewer False Positives, Happier Caregivers

dope.security’s on-device inspection and smarter URL categorization dramatically reduced over-blocking:

• Healthcare portals, training sites, and scheduling tools worked out of the box.
• Custom allow-lists for critical partners (insurers, hospital systems, HIEs) were easy to configure and apply globally.
• When something was blocked, the block page was clear and human-friendly, helping users understand why and how to request access if needed.
  ‍

Within the first 90 days, Outreach Health saw a ~70% reduction in web access-related IT tickets.

‍

3. No More Subdomain Detective Work

Because dope.security runs on the endpoint and evaluates full requests with SSL Inspection, IT no longer had to play subdomain detective.

For example, the finance team needed access to a new reimbursement platform that pulled in content from multiple third-party providers. With Umbrella, IT would have had to unblock each subdomain manually.

With dope.security, IT simply reviewed a single, unified view of all domains involved and it was one policy update that allowed the entire application stack while still enforcing broader category-based controls.

Changes that previously took days of back-and-forth testing now took minutes.

‍

4. Intuitive Management & Useful Data

Outreach Health’s security team uses dope.security’s console as their day-to-day “flight deck” for web security delivering:

• Clear dashboards showing top blocked categories, risky domains, and emerging patterns.
• Easy filters by user, device, or group so they can quickly investigate a suspicious pattern (e.g., repeated access to known malware sites).
• Simple export and reporting features used for HIPAA and security audit evidence.
  ‍

They also gained better visibility into which SaaS tools employees were actually using, shadow IT trends, like unsanctioned file-sharing or messaging apps, and web usage patterns across clinical vs non-clinical staff.

‍

‍

Why Outreach Health Says “It’s Dope”

By moving to dope.security’s Fly Direct SWG, Outreach Health traded complex, proxy-style security for something built for how their staff actually work today:

• Remote, hybrid, and always on the move.
• Dependent on cloud apps and partner ecosystems.
• Operating under strict regulatory and privacy requirements.
  ‍

Now, they get enterprise-grade web security without the turbulence, so clinicians can focus on care, IT can focus on strategy, and everyone else can just get their work done.