New Readers

 Home News and World Report Buyers Guide Global Excellence Technology Case Studies Editorial Awards About Info Security
 
2008 Best Deployment Scenario

Safend Protector secures network infrastructure and helps prevent data breach


Background:
This is a large organization which comprises of three hospitals in New York State and specializes in the treatment of patients with a wide range of psychiatric diagnoses and disorders as well as addictions to alcohol and chemical substances. The organization also provides management, marketing and operational consultation services to health care providers and maintains 15 outpatient clinics throughout the northeast.

ORDER REPRINTS
 
Info Security Products Guide
 
this article
 
COMPARE and print reports
 
RATE products

Challenges:
Given the nature of the organization, its employees and contractors handle sensitive patient information as a part of their day-to-day activities. Highly confidential data is recorded that contains details which could be harmful to patients’ personal and professional lives if it were to be made public. Additionally, compliance regulations such as HIPAA require tight controls over how medical records are accessed and stored. According to the organizations’ IT Operations Manager, “Not only is data security important to us from a business perspective but it’s required for HIPAA compliance; it’s absolutely critical.” The organization employs more than 2,000 people within its treatment centers and business facilities. It’s IT security staff, comprised of eight people, is in charge of maintaining and securing nearly 400 PC workstations. While the organization has not experienced a data security breach, the IT Operations Manager understands the need for efficient communication processes as well as the threats they present to patient information.
Safend Best Deployment Scenario

“Safend Protector is much more robust than the other solutions we considered.  It integrates deeper with Active Directory, offers enhanced reporting options and can grant or restrict access to data based on file type.”

The Organizations IT Operations Manager


Issues:
The organization handles highly confidential data about its patients. With nearly 400 PC workstations, and more than 2,000 employees within their treatment centers and business facilities, the organization was in need of a technology that would not only meet HIPAA compliance needs, but provide a precaution to prevent any data security breaches. The organization has not experienced any data security breaches, but was looking for a way to keep up with the technology advances, and avoid any chance of a data security breach in the future.

Solution provided by Safend: Safend Protector is the solution chosen by the organization. Safend Protector secures all local and physical communications ports including USB, Firewire, PCMCIA; wireless endpoints including WiFi, Bluetooth and IrDA; and removable storage devices such as CD/DVD-RWs, iPods, and flash drives. Safend Protector detects and allows restriction of devices by device type, model or even specific device serial number. For storage devices, Safend Protector allows security administrators to either block all storage devices completely, permit read-only, encrypt all data on devices as well as monitor, block and log files that are downloaded to or read from these devices. WiFi controls are based on MAC address, SSID or network security level. Safend Protector offers reliable, easy-to-use, tamper-proof endpoint monitoring as well as device identification and blocking based on administrator-defined policies. Immunization against hardware keylogger devices is an additional feature.

Safend Protector’s lightweight and tamper-proof client-side agents are easily deployed and installed silently at the endpoint with no reboot required. The Protector agent operates at the kernel level, and includes redundant, multi-tiered anti-tampering features to guarantee permanent control over endpoints. Even local administrators can’t circumvent the security policy. In addition, agents are invisible to end-users until a non-approved device is connected, at which time a custom-defined notification appears.

“Safend Protector allows the organization to not only protect its confidential patient data but also protect its entire infrastructure. Now, when employees plug in unauthorized storage devices, the risk of data loss or theft is eliminated. Using Safend Protector, the organization now has extremely robust layers of security in place - before anyone can access the network. The organization has told us that they wish they had Safend Protector two or three years ago.”

Gil Server, Founder and Chief Executive Officer

Summary:
By implementing the Safend Protector, the organization was able to maintain secure files without the threat of a data breach. The implementation of Safend’s offline tracking of USB storage devices provided the organization the added visibility to all files that were copied to or from a removable storage device when it was not connected to the network.  For users authorized to use removable storage devices, Safend Protector includes removable storage and CD/DVD disk encryption to ensure data is completely protected when in motion – even if a memory stick or CD is lost or stolen. For the organization, the Safend Protector is much more robust than the other solutions they considered. It integrates deeper with Active Directory, offers enhanced reporting options and can grant or restrict access to data based on file type. The Safend Protector’s real-time updates allow the organization’s IT security staff to know what devices are connected where, and which files have been accessed or copied to or from each device.


Safend, Inc.
2 Penn Center, Suite 300
Philadelphia, PA 19102 USA
Tel: 1-215-496-9646