Southern Health NHS Foundation Trust uses Trustwave SIEM and Content Security Solutions to Develop 'Defense in Depth' Infrastructure
LONDON - July 16, 2013 -Trustwave today announced that one of the largest health service providers in the United Kingdom, Southern Health NHS Foundation Trust, has deployed security information and event management (SIEM) and content security technology from Trustwave as part of a complete overhaul of its existing IT security strategy that went live last week.
A merger of two Trusts sparked the decision to design a new state-of-the-art, consolidated network - previously run by four different service providers - serving thousands of staff operating across more than 150 sites around the South of England. Southern Health NHS Foundation Trust is using Trustwave SIEM to collect, analyze and assess security events proactively for rapid identification, prioritization and response.
"Trustwave offers us a security safety net that helps protect our networks, patients and stakeholders from potential data loss or theft of sensitive clinical or patient records," said Adam Newman, Infrastructure and Security Architect/Interim Security Manager at Southern Health NHS Foundation Trust. "It is a core part of our 'defense in depth' strategy allowing us not only to monitor and pre-empt security breaches but also to act as a vital source of forensic data should the worst happen."
"We started using mail and Web filtering from Trustwave, so extending this to log and event management was a sensible choice, especially since their portfolio contains complementary technologies and services. We also received excellent service and support from Infinigate and Caretower who provided these products, which was an important factor for us," said Anthony Guethert, Head of IT Architecture and Design Authority for the Trust.
A key requirement of the new infrastructure was to adhere to UK security guidelines, known as Good Practice Guide 13 (GPG 13), that government organizations must follow if they wish to connect to the UK government's Extranet. The Trust also wanted the ability to permit the secure remote working of health workers, allowing them to access the central network from patients' homes or while on the road.
"Security was a key priority for us, and we initially drew up a set of priorities that would accommodate the needs of the Trust today and into the foreseeable future," added Newman, who was one of the team of three charged with designing the network and consolidating them into two core data centers in Basingstoke and Havant, as well as three secondary locations. "Key to this was incorporating all the existing 9,000 users and critical apps as well as those hosted on the NHS N3 cloud network, which provides email, accounting, purchasing and RIO, the Patient Administration System to Trust employees."
According to Newman, "Of paramount importance to us in choosing Trustwave SIEM was the option to have either an on-site or fully-managed service by the vendor. This was critical given the shortage of security staff with the experience and skill to manage and interpret the security intelligence created by the system."
Consideration of regulatory matters such as the European Union Data Protection Law was also crucial in planning for the future. Both GPG 13 and EU regulations stipulate minimum requirements for the maintenance of logs on network moves, additions, changes and deletions, which needed to be stored for forensic analysis in the event of a breach. The availability of pre-configured report templates and on-device storage on the SIEM also offered vital hardware and manpower cost savings to the Trust.
Trustwave SIEM solutions have helped businesses of all sizes protect their environment as part of both organizational compliance and defense-in-depth security strategies. Trustwave offers a variety of SIEM deployment options including software, managed security services and appliances.
For more information about Trustwave SIEM, visit: http://www.trustwave.com/siem.
About Southern Health NHS Foundation Trust
Southern Health provides community health services, specialist mental health and learning disability services for people across Hampshire, UK and its surrounding area. The Trust provides services for adults and children, as well as Hampshire's stop smoking service, Quit4Life, and the Hampshire Community Dental Service. Southern Health operates from over 170 sites, serving a population of around 1.3 million people. Employing approximately 9,000 staff, its community services aim to bring health care closer to home, offering community-based care to help people stay independent in their own homes.
About Trustwave
Trustwave is a leading provider of compliance, Web, application, network and data security solutions delivered through the cloud, managed security services, software and appliances. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its TrustKeeper® portal and other proprietary security solutions. Trustwave has helped hundreds of thousands of organizations--ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers--manage compliance and secure their network infrastructures, data communications and critical information assets. Trustwave is headquartered in Chicago with offices worldwide. For more information, visit https://www.trustwave.com.
