NHS Foundation trust secures patient data with Sophos
October 2008 by Marc Jacob
Basildon and Thurrock University Hospitals NHS Foundation Trust protects against data loss and saves vital resource with endpoint, email and web security.
IT security and control firm Sophos today announced that Basildon and Thurrock University Hospitals NHS Foundation Trust has selected Sophos Enterprise Security and Control to protect its extensive network, which holds all its sensitive patient data, against threats such as malware, hackers and data leakage.
The deployment has been rolled out across the Trust’s entire infrastructure, including all 2,500 user machines, 132 servers as well as the web and email gateways, protecting patient and staff information. Using the integrated Network Access Control (NAC) feature, Basildon and Thurrock can easily set and control access policies for staff and guests to further safeguard its data.
One of the UK’s first NHS Foundation Trusts, Basildon and Thurrock is also an associate teaching hospital providing an extensive range of acute medical services across its three sites in South West Essex – Basildon and Orsett Hospitals, and St Andrews Centre, Billericay. The Trust’s main site at Basildon is also home to The Essex Cardiothoracic Centre (CTC), one of the most modern centres of its kind in the UK. Using the latest equipment and technology throughout, including state-of-the-art operating theatres and cardiac catheter laboratories, the CTC is heavily reliant upon computer security to protect it from devastating cyber attacks with the potential to bring the high-tech unit to a standstill.
Basildon and Thurrock University Hospitals NHS Foundation Trust chose Sophos Endpoint Security and Control to replace its existing Symantec solution. With governance and compliance issues at the forefront of the Government’s security strategy, finding a fully comprehensive solution that would protect all computers against attack was paramount.
“A well-secured IT network is vital within the NHS,” said Antony Barke, senior technical engineer at Basildon and Thurrock. “We need to be confident that we are protecting our data and our systems against all types of threats – be those internal or external. Sophos wins hands down when it comes to endpoint protection - not only can we control access granted to guest computers, and monitor applications run by employees, but we can manage it all remotely from a central console."
Basildon and Thurrock University Hospitals has also deployed three Sophos WS1000 Web Security Appliances to defend its corporate network against modern web attacks and productivity threats. In addition, two ES4000 email appliances – each able to handle up to 80,000 messages an hour, with automated security updates and on-demand remote assistance – constantly protect the Trust’s email gateway from email-borne threats, spam, phishing, and data leakage.
The Trust is also using the integrated NAC and application control features of Endpoint Security and Control to safeguard access to sensitive data, as well as running Sophos’s anti-virus protection on its virtual servers.
“Initially, control wasn’t part of our criteria, as we were more concerned about security, but once we tried the Sophos solution we welcomed the additional control it gave us,” remarked Barke. “Sophos’s suite gives the IT team complete control over the Trust’s network – whether this is blocking unauthorised applications, such as alternative internet browsers, or setting and managing policies regarding who has access to what data – on top of first-rate security.”
The Trust is already benefitting greatly from reduced administration time and 24/7 customer support as a result of deploying Sophos Endpoint Security and Control – a huge advantage for the IT team with three sites to manage.
“Our previous solution gradually became unusable for us,” continued Barke. “The Trust’s staff – from admin support to the medical workforce – rely heavily on PCs for their day-to-day workload, so downtime is just not acceptable. Because Sophos’s solution is fully managed, it can update in idle time meaning it isn’t a drain on precious resource, and the customer support is just excellent."
“Organisations like Basildon and Thurrock University Hospitals NHS Foundation Trust have masses of sensitive data stored across their infrastructures, so ensuring the security of the entire network can be a daunting responsibility for IT departments,” said Andrew Bradshaw, vice president of Sophos UK. “With so many public sector data loss incidents making the news recently, a reputable security solution that helps IT teams to put robust user policies in place is key to safeguarding sensitive information and keeping a reputation intact."