Greenville Health System

Defends against attacks with Connected Threat Defense

Overview

Founded in 1912, Greenville Health System (GHS) is a private not-for-profit academic healthcare delivery system committed to medical excellence through clinical care, education, and research. With seven hospitals, several outpatient locations, and more than 200 physician practices, GHS is the largest not-for-profit healthcare system in South Carolina.

GHS has a deep commitment to medical education and recently opened the University of South Carolina School of Medicine Greenville on the Greenville Memorial Medical Campus.

Challenges

In 2013, Greenville Health System’s existing endpoint security did not provide the protection the organization needed against the changing threat landscape. The existing solution lacked the capabilities to handle new threats that appear daily. When Chris Schmidt, Manager of Information Security, joined GHS the same year, he identified some of these gaps in the security system. “We could identify threats at the gateway, but we had no way to respond and resolve those attacks,” said Chris Schmidt, Manager of Information at GHS.

In addition to needing a security solution to protect the network and endpoints, GHS also needed to comply with HIPAA and other regulations. “Having a solid security partner to help us meet risk management requirements is essential for us. Ensuring compliance is an important part of our security posture,” said Rich Rogers, Vice President of Information Services and Chief Information Officer at Greenville Health System.

Finally, because GHS didn’t have a large IT team in place at the time, it wanted a security solution that could be easily deployed and managed. The team also wanted a partner that delivered exceptional support. “We have a deep understanding of technology and wanted a level of expert support and responsiveness to meet our needs,” said Schmidt.

"Trend Micro Connected Threat Defense helps GHS to proactively protect against sophisticated attacks."

Chris Schmidt,
Manager of Information Security,
Greenville Health System

Why Trend Micro

Schmidt led the process of evaluating several security vendors to choose the best solution for their environment. Trend Micro offered the most comprehensive and responsive solution available. “It’s not a signature-based threat landscape anymore, so we decided to shift to proactive security,” said Schmidt. “Trend Micro offered everything we needed to detect and stop threats before they infiltrated our systems.”

In addition, the Trend Micro solutions were easy to deploy and offered responsive support. Trend Micro also offered centralized policy management and visibility, so GHS could view their entire threat protection landscape from a single pane of glass. “After looking at all the vendors and their solutions, Trend Micro was the clear winner,” said Schmidt. “Trend Micro is able to give me visibility across the whole threat lifecycle from entry to lateral movement to exfiltration.”

Solution

After completing an evaluation of Trend Micro against other vendors, GHS decided to implement the full suite of solutions including Trend Micro™ OfficeScan™, Trend Micro™ Deep Security™, Trend Micro™ Deep Discovery™ Inspector, Trend Micro™ Deep Discovery™ Analyzer, and Trend Micro™ Control Manager. OfficeScan™ keeps the GHS endpoints protected, Deep Security™ provides policy-based management to defend the virtual environment, and the sandbox capabilities of Deep Discovery™ Analyzer provide dynamic protection from zero-day threats. “Trend Micro Control Manager ties everything together with single-screen visibility and reports that identify long-term trends, so we can continually adjust our policies and alerts,” said Schmidt.

Trend Micro Connected Threat Defense is a cross generational approach to security that provides GHS with a highly effective way to protect, detect and respond to new threats, while improving visibility across the organization. Connected Threat Defense assesses potential vulnerabilities and uses network inspection and custom sandboxing to detect advanced malware, threat actor behavior, command-and-control (C&C) communications, and zero-day threats that are invisible to standard defenses.

The shared intelligence model also enables rapid response by sharing local threat intelligence from OfficeScan, Deep Security, and Deep Discovery, and automatically delivers real-time security updates. “Trend Micro Connected Threat Defense helps GHS to proactively protect against sophisticated attacks,” said Schmidt.

Results

For more than three years, Trend Micro solutions have provided significant benefits for GHS. When the IT team first deployed Trend Micro™ OfficeScan™, they immediately recognized a reduction in signature-based malware. Trend Micro™ Deep Security™ discovered and cleaned malware from servers. With Trend Micro™ Control Manager, GHS gained control over their endpoints. “This has allowed us to spend more time tuning our security posture rather than chasing threats,” said Schmidt.

Ransomware attacks at GHS escalated sharply in 2016 with Trend Micro identifying approximately 1,000 ransomware threats. So far in 2017, eight ransomware incidents have been detected, and all have been stopped. Although GHS still detects more than 300 suspicious threats daily, Trend Micro provides the tools to investigate and stop them all.

“Trend Micro solutions have become our security ecosystem. We’re seeing vital security intelligence at the endpoints, hypervisor, gateway, and email level that have enabled our move to a proactive security model,” said Steven Shim, Chief Technology Officer at Greenville Health System.

What's Next

As a leading healthcare organization, GHS understands its security must stay ahead of continually shifting threats. “We’re interested in integrating Trend Micro TippingPoint Next-Generation Intrusion Prevention System, and we’re excited to see Trend Micro’s new XGen security with the optimized set of techniques including things like high-fidelity machine learning and behavioral analysis,” said Schmidt.