Since 1984, MEDHOST has been a leader in healthcare technology and solutions, meeting the existing and emerging needs of its customers in advance of market demand. Today, nearly 1,100 North American acute care and specialty hospitals utilise MEDHOST’s solutions and services to improve clinical delivery and financial and operational performance.
A staff of 60 IT professionals manage hosted client environments and internal core services, including all security tools for approximately 1,500 endpoints and 700 pure-play mobile devices. Security is at the core of all MEDHOST activities, from product development and customer support to management of day-to-day operations and hosting a hospital information system. MEDHOST has the same compliance and risk issues as all major enterprises, in addition to a federal mandate to protect patient privacy.
In the wrong hands, patient health records provide opportunities for medical fraud and identity theft, which make them highly lucrative targets. With the monetisation of health records on the dark web, organised crime, nation states and activists are going after healthcare organisations like MEDHOST, which keeps hundreds of hospitals’ protected health information in the cloud. That places a big bullseye on MEDHOST, whose job is to wrap the right security processes, governance and capabilities around its cloud delivery.
As healthcare becomes a bigger target, MEDHOST is working to ensure that weekend surfing from home on a work laptop can’t infect the network on Monday morning. It’s also important for IT to know where employees are saving sensitive information, so they can set appropriate policies to ensure its safety.
One area of growing concern for MEDHOST is the increasing ransomware attacks on
its network. “We’ve seen ransomware attacks continue to increase and they aren’t going away. That’s one reason our users present a huge risk for the organisation from a behavioural standpoint. To combat ransomware and similar attacks, we needed technical controls in place to mitigate risk,” said William Crank, Chief Information Security Officer at MEDHOST.
To find the best security for its infrastructure, MEDHOST decided to look for one IT security provider to meet all of its needs.
Not long ago, MEDHOST provided security through several vendors, including Trend Micro. This arrangement proved inadequate from a cost containment and management standpoint, and eventually led MEDHOST to select a single vendor. “Trend Micro picked up outbreaks that other solutions could possibly miss. We liked how its single console helped us manage threats with limited resources. We decided to go pure-play with Trend Micro and we have not looked back,” said William Crank, Chief Information Security Officer MEDHOST.
"Since implementing the Trend Micro solution, we’ve processed more than 5.2 million emails and stopped more than 12,000 ransomware attacks with no impact on our network"
William Crank, CISO, MEDHOST
MEDHOST uses Trend MicroTM Smart Protection Suites, powered by XGenTM security, to infuse machine learning into a blend of protection techniques that eliminate security gaps across any user activity and any endpoint. “The solution’s antivirus and anti-malware take care of commodity-based threats that come into the network through email and web surfing. Behavioural analysis, web security, exploit protection and machine learning provide more advanced protections, and allow us to extend security beyond the borders of our network,” said Crank.
The Integrated Data Loss Prevention (DLP) module gives MEDHOST visibility into where network users save and store information. “It pulls back the covers and allows us to manage our clients’ information and our information much better. We use the solution to put risk-based policy in place to make sure users are not storing sensitive data in cloud- based applications like Dropbox and Box,” said Crank.
In addition to the Smart Protection Suites, Trend MicroTM Deep SecurityTM gives MEDHOST the capabilities it needs to operate a virtualised data centre and safely move workloads to the cloud. MEDHOST partners with VMware for its virtualisation needs, and with Microsoft® Azure® and Amazon Web ServicesSM (AWS) for its public cloud needs. “Deep Security basically shims into the hypervisor and reduces the CPU cycles and memory usage on the guest VMs (virtual machines),” said Crank.
In today’s threat landscape, MEDHOST reacts to more attacks faster than ever before. “Since implementing the Trend Micro solution, we’ve processed more than 5.2 million emails and stopped more than 12,000 ransomware attacks with no impact on our network,” said Crank.
The engineering team is experiencing new levels of productivity and reduced in-house support costs thanks to security automation and simplified management provided by Trend MicroTM Smart Protection Suites, powered by XGenTM security. “Smart Protection Suites, powered by XGen security, delivers visibility and management through an integrated console that provides a holistic view of what’s going on in our threat landscape. Since adopting the XGen security approach we’ve had no major outbreaks, which has reduced our desktop support team’s workload,” said Crank.
Trend Micro solutions also provide the visibility and metrics that MEDHOST’s executive leadership needs to understand and ensure the environment is secure. “Having clear threat metrics allows us to demonstrate that we selected a world-class solution and partner to help protect our environment. In the last few years, we’ve really moved the needle on security. Trend Micro increases our competence and lets our customers see us as a trusted partner,” said Crank.
Like many other healthcare organisations, MEDHOST plans to continue to strengthen its security posture to remain protected from continually evolving threats. “Working with a partner like Trend Micro, we’re confident new advances in security will keep us protected from increasingly sophisticated threats,” said Crank.