Endpoint compliance across 40,000 devices cures concerns of NHS organisation
The ForeScout CounterACT system will be put in place for the UK’s largest health informatics service covering 40,000 devices across 500 sites.
The system replaces an ageing intrusion prevention system (IPS) that was a reactive defence fraught with false notifications, according to ForeScout. Rather than invest solely in perimeter security, Sussex splashed out for a more proactive, network-based approach for access and endpoint compliance.
Peter Ward, senior client devices engineer for IT services at Sussex HIS, said, “In a healthcare environment, everything from sterile washers, MRI scanners, medical kiosks, patient monitoring systems through to the chief executive’s iPad – all need to be classified correctly and monitored. If the organisation inadvertently identifies a patient monitoring system incorrectly as a rogue device, and subsequently blocks it, that is potentially life threatening.”
CounterACT brings visibility of all IP-addressed devices and users on the Sussex HIS network and provides the ability for deeper inspection to highlight issues and potentially unwanted applications on those devices.
The platform is centrally managed across the Sussex organisation’s distributed sites and works with their mixed operating environment. Any device on the network is identified and assessed against policy, providing the IT services team with intelligence and an automated means to grant, limit, mediate or block any insecure IP device or person highlighted as a risk to NHS data, infrastructure and hardware.
“Healthcare environments incorporate a diverse range of hardware such as PCs, laptops, network infrastructure, medical equipment, as well as users that change daily,” said John Hagerty, EMEA sales director for ForeScout. “CounterACT enables organisations like Sussex HIS to monitor, in real time, who and what devices are connecting to their network while also checking the compliancy of all endpoints and remediating any problems without disruption to service or end-users,” he added.