New Users
Home
Analysts & Consultants
People
Channel Advantage
Products
Technology
Case Studies
Awards
About This Guide
University of Utah Health Sciences Center (UUHSC)
Background: University of Utah Health Sciences Center (UUHSC), a leading health services institution since 1965, combines excellence in education, research and clinical care, to provide state-of-the-art care to over five million people in Utah and the surrounding states of Idaho, Nevada, Wyoming, Montana and New Mexico. Recognized as one of “America’s Best Hospitals” for 11 years running by U.S. News & World Report, UUHSC relies on advanced information technology to enable its high-quality, award-winning healthcare.
Challenges: UUHSC has a diverse base of 12,000 users comprised of clinicians and administrators. With more than 2,700 users concurrently accessing a Citrix-based network for everything from Epic and Cerner Millennium healthcare applications, to Microsoft Office and an array of financial packages, UUHSC’s system was not only stressed, it was also highly vulnerable to security risks that could impair the hospital’s operations. Virus vulnerability. In September 2005, UUHSC was hit with a worm that essentially brought its infrastructure to a halt. IT had to install the fixes and re-image 160 servers in order to fully destroy the worm and restore its systems. Citrix connectivity was severed, and access to the hospital’s crucial applications was severely limited. It took UUHSC a full week to re-establish connectivity to their Citrix servers, and four weeks to restore its infrastructure back to an acceptable level. Eight months later, IT is still finishing the last of the clean up tasks. IT knew that it could not afford another virus hit. User control. With so many users, UUHSC’s infrastructure is vulnerable to activities that, whether intentional or inadvertent, could corrupt the network. Controlling how each user interacts with its server-based applications was virtually impossible. As a result, IT spent much of its time troubleshooting problems that diverted their attention from more strategic initiatives.
Challenges:
UUHSC has a diverse base of 12,000 users comprised of clinicians and administrators. With more than 2,700 users concurrently accessing a Citrix-based network for everything from Epic and Cerner Millennium healthcare applications, to Microsoft Office and an array of financial packages, UUHSC’s system was not only stressed, it was also highly vulnerable to security risks that could impair the hospital’s operations.
Virus vulnerability. In September 2005, UUHSC was hit with a worm that essentially brought its infrastructure to a halt. IT had to install the fixes and re-image 160 servers in order to fully destroy the worm and restore its systems. Citrix connectivity was severed, and access to the hospital’s crucial applications was severely limited. It took UUHSC a full week to re-establish connectivity to their Citrix servers, and four weeks to restore its infrastructure back to an acceptable level. Eight months later, IT is still finishing the last of the clean up tasks. IT knew that it could not afford another virus hit.
User control. With so many users, UUHSC’s infrastructure is vulnerable to activities that, whether intentional or inadvertent, could corrupt the network. Controlling how each user interacts with its server-based applications was virtually impossible. As a result, IT spent much of its time troubleshooting problems that diverted their attention from more strategic initiatives.
Issues: UUHSC did not have control over what its diverse, large base of end-users were doing to the computers and, therefore, to the network. Spyware and malware could easily infiltrate the infrastructure, bringing everything to a half and compromising data integrity. End-users could also unknowingly cause issues by deleting important files and other actions. The end result was that IT would have to pull resources to deal with the security issues, and end-user productivity would be severely impacted. This could be—as was—very detrimental to a busy, high-quality hospital like UUHSC.
Solution provided by AppSense: UUHSC is using AppSense Application Manager and AppSense Environment Manager. AppSense Application Manager: This software solution uniquely provides security from within by automatically blocking 100% of unauthorized applications and executables on desktops and servers, enabling UUHSC to proactively secure systems in ways previously not possible. AppSense Application Manager provides ‘out-of-the-box’, day zero protection against all unknown and unauthorized applications. It reduces UUHSC vulnerability by removing the threat of attack from malicious software and more effectively managing application use. Using secure kernel level interception and integration with NTFS security, AppSense Application Manager intercepts all execution requests and automatically blocks any unwanted applications. Once a set of user, group and client rules is defined, AppSense Application Manager locates and applies defined rules for each logged on user. If no specific rules are found, then a default level of protection is applied, which will only allow administrator-installed applications to run. AppSense Environment Manager This solution enables UUHSC IT to centrally set-up, lock-down and self-heal user environments: Application Lockdown: Administrators are empowered to strip out unwanted functionality from third party software for security reasons. Lockdown actions are configured using the Lockdown Control Wizard. For example, administrators can hide or disable user interface controls and block keyboard shortcuts for all, or specific, applications. Self-healing: Self-healing technology ensures that computer and user settings are restored to their original state in the event of unauthorized changes. AppSense Environment Manager self-heals a wide range of items from processes and services to files and the Registry. Self-healing can be used to ensure critical security software is always running, providing additional security against the threat of trojans, worms and spyware.
Solution provided by AppSense: UUHSC is using AppSense Application Manager and AppSense Environment Manager. AppSense Application Manager: This software solution uniquely provides security from within by automatically blocking 100% of unauthorized applications and executables on desktops and servers, enabling UUHSC to proactively secure systems in ways previously not possible.
AppSense Application Manager provides ‘out-of-the-box’, day zero protection against all unknown and unauthorized applications. It reduces UUHSC vulnerability by removing the threat of attack from malicious software and more effectively managing application use. Using secure kernel level interception and integration with NTFS security, AppSense Application Manager intercepts all execution requests and automatically blocks any unwanted applications. Once a set of user, group and client rules is defined, AppSense Application Manager locates and applies defined rules for each logged on user. If no specific rules are found, then a default level of protection is applied, which will only allow administrator-installed applications to run.
AppSense Environment Manager This solution enables UUHSC IT to centrally set-up, lock-down and self-heal user environments:
Application Lockdown: Administrators are empowered to strip out unwanted functionality from third party software for security reasons. Lockdown actions are configured using the Lockdown Control Wizard. For example, administrators can hide or disable user interface controls and block keyboard shortcuts for all, or specific, applications.
Self-healing: Self-healing technology ensures that computer and user settings are restored to their original state in the event of unauthorized changes. AppSense Environment Manager self-heals a wide range of items from processes and services to files and the Registry. Self-healing can be used to ensure critical security software is always running, providing additional security against the threat of trojans, worms and spyware.
“UUHSC’s challenges were ideal for AppSense solutions. It was unfortunate that UUHSC was hit by a piece of malware that brought their systems to a halt. What it illustrates, however, is that even the server-based computing model of publishing applications to users is not a panacea for protection against sophisticated malware. What it also demonstrates is that the threat to organizations is not only from outsiders trying to gain access to internal systems for malicious intent; the threat is also very real from people on the inside, people who often don’t have malicious intent. In this case, UUHSC was infected by a worm unknowingly brought in by a legitimate contractor working on their behalf. Fortunately for UUHSC, deploying AppSense Application Manager on their Citrix servers provides complete proactive protection from both threats from inside and outside the organization.”
Janis Miller, Manager Healthcare & Alliances, AppSense
Summary: Because of AppSense, UUHSC doesn’t even worry about viruses anymore. It’s just not on their radar screens. UUHSC has had no security breeches since installing AppSense. With AppSense’s proactive approach to security, spyware and malware simply cannot infiltrate the Citrix servers. It worked right out-of-the-box, enabling UUHSC to immediately benefit from a completely secure environment. End-user productivity is never affected by security issues, and IT never has to pull resources to fix infected systems. AppSense totally stops any user input that could affect security.
AppSense LTD 3333 West Commercial Boulevard, Suite 105 Fort Lauderdale, FL 33309 USA Tel: 1-954-730-7400
Download the complete case study From Info Security Products Guide site: CLICK HERE
Recommend this to others:
HOME |
ADVERTISE WITH US |
TELL US ABOUT YOURSELF |
UPDATED PRIVACY POLICY |
Copyright © 2006 Silicon Valley Communications - All rights reserved.
