Case Study: Northern Irish Health Trust Gains More Control Over Devices Accessing Its Network

Northern Ireland’s Northern Health and Social Care Trust (Northern Trust) has adopted a new solution that will allow it to achieve greater visibility and control over the increasing number of non-Trust managed or owned devices accessing its network.

The organisation is one of the five health Trusts in NI and provides a wide range of health social services to ten localities, including two large acute-care hospitals and six non-acute hospitals.

The Trust serves a population of around 460,000 – the largest demographic of any of the NI Trusts – and employs approximately 12,000 people.

It has a rural geography and its 150 sites are connected using a range of network infrastructure technologies – from superfast broadband to high capacity short haul data circuits with a capacity of typically 100Mbps or higher.

The Business Problem

Prior to June 2013, Northern Trust was struggling to gain visibility and control over devices that were connecting to its network, including medical, clinical engineering and building management system (BMS) devices.

This meant the organisation was facing significant ICT network security and governance risks and potential incidents could threaten the delivery of health and social care services to patients and clients.

“For some time, the Trust has been concerned about the limited visibility and control it had over the ever-increasing numbers of endpoints which are neither Trust-owned nor managed connecting to its network,” explained Pat Black, the organisation’s ICT network and security manager.  

“If a device presents a security or governance risk, a decision needs to be made quickly on how to effectively manage that risk, particularly if it is a compromised medical device,” the manager added.

Solving The Problem

The Trust set out to find a solution that would allow it to secure its 15,000 endpoints across 150 sites without dependence on additional equipment or specific software version requirements.

After considering a few other options, Northern Trust decided that network access control and policy compliance solutions provider ForeScout could meet its requirements with its CounterACT product.

“We found other solutions that we considered, which compared to ForeScout – were quite expensive, plus they wouldn’t give us the complete coverage that we needed,” said Black.

Black added that it was essential for the solution to provide device visibility, security scans and capability for running risk assessments of devices connected to the network.

ForeScout CounterACT is an agentless solution that does not require the Trust to install anything on individual devices and this play a significant part in helping the organisation decide to use it.

The Results

Since deploying ForeScout CounterACT, Northern Trust has been able to gain a comprehensive, real-time view of its networks, including endpoints, which are neither Trust-owned nor managed.

“We witnessed the power of CounterACT within a matter of hours of the appliance being installed,” claimed Black.

The solution allows for real-time visibility of the Trust’s endpoints and proactive remediation of potential threats to guard against rogue users, devices and applications.

The organisation has also been able to improve its delivery of care as the secure and continuous network connectivity it now has allows the uninterrupted delivery of critical health and social care services.

“ForeScout has allowed us to reduce the risk associated with non-Trust owned and managed devices and enabled us to respond to incidents and alerts more quickly than we had ever been able to do in the past,” explained Black.

Northern Trust has also benefitted from increased ICT security and governance controls, easier and faster compliance reporting and rapid internal threat identification and remediation.

“With ForeScout we can rest assured that we have the visibility and, all importantly, control over devices connecting to our network,” the manager concluded.

© 24N.biz