Healthcare Security


Healthcare organizations choose ForeScout to fortify security, privacy and compliance

ForeScout helps healthcare organizations protect confidential patient data, demonstrate compliance with regulations, and provide secure access to a myriad of new devices and user populations in a cost-effective, efficient manner.

The Challenge

As cyber threats continue to evolve, healthcare organizations have to rethink how to ensure security, privacy and compliance, while optimizing patient care services. New technologies such as smart medical devices, mobile and cloud services, and electronic protected health information (ePHI) offer a number of operational benefits. However, these same technologies introduce security risks and may compromise the confidentiality and integrity of sensitive patient data.

Healthcare organizations also have additional information security complexities compared to other institutions. They have to contend with a broader user community of employees, contractors, visiting doctors, caregivers and visitors – all with different computing needs and restrictions. Moreover, health services utilize specialized, network-connected medical devices that present unique monitoring and security requirements. And while security controls are essential, they cannot impede medical procedures when lives are at stake.

Business Challenges
  • Preserve customer trust by protecting data privacy
  • Improve security posture without inhibiting medical procedures
  • Comply with regulatory mandates designed to protect patient data, such as HIPAA and HITECH
  • Expand network access to doctors, clinicians, research organizations, and contractors to accelerate operational efficiency
Technical Challenges
  • Control access to confidential data such as ePHI
  • Prevent infected or non-compliant devices from spreading malware across the network
  • Enable physicians and other caregivers to use their personal devices while preserving security
  • Provide adequate security controls for network-connected medical devices that can’t run agents or supplicants
  • Guard against targeted threats that can result in network downtime or data leakage
  • Measure effectiveness of security controls and demonstrate compliance with regulations such as HIPAA and HITECH
  • Secure heterogeneous networks and multi-vendor platforms resulting from consolidation and merger of physician groups and clinics

Traditional network security focuses on blocking external attacks with firewalls and intrusion prevention systems (IPS). But today, most serious data loss events occur from the inside. Can zero-day attacks and advanced persistent threats scan your network to glean information? Can rogue wireless access points extend your network without your knowledge?

Similarly, traditional endpoint security systems, such as anti-virus, patch management and encryption, provide much-needed endpoint protection but are limited to managed, user-based endpoints. Additionally, these security systems may not be operational and up-to-date on 100% of the endpoints, often over-reporting their deployment and compliance by 10% to 15%, and leaving gaps in protection.

ForeScout’s Solution

Numerous healthcare institutions use ForeScout CounterACT to protect their networks and sensitive data, measure compliance with security policies, and improve operational efficiency.

ForeScout CounterACT is a pervasive network security platform that delivers real-time visibility and control of devices on your network. CounterACT provides network access control (NAC), endpoint compliance, mobile device security and threat control, in one automated system, enabling patient care services without compromising security.

ForeScout CounterACT reduces the risk of data breaches and malware attacks that would otherwise put your organization at risk. And it helps monitor and improve the effectiveness of your security policies, so you can demonstrate compliance with industry regulations such as HIPAA, HITECH and OSHA.


ForeScout CounterACT is a pervasive network security platform that delivers real-time visibility and control of devices on your network. CounterACT provides network access control,  endpoint compliance,  mobile device security and  threat control, in one automated system, enabling patient care services without compromising security.

Network Visibility
  • Automatically detect connected systems including medical devices, users, applications and peripheral devices
  • Monitor devices before and after they connect to your network, continuously
  • Detect hidden infrastructure such as unauthorized wiring hubs and rogue wireless access points.
  • Gain deep visibility into connected systems – type of device, operating system, patch level, location, applications, and user name.
Network Access Control
  • Quickly create and enforce access control policies for corporate and personal devices with a range of alerting, remediation and enforcement options.
  • Disable rogue wireless access points.
  • Block unknown computers from accessing sensitive portions of your network.
  • Grant network access based on the device type and user’s identity and the roles that you have defined in your directory.
Data Security
  • Apply network access policies that allow only authorized users and devices to access the parts of your network with sensitive data such as ePHI.
  • Ensure encryption agents are installed and running on endpoints with access to sensitive patient data.
  • Detect and disable rogue USB devices to prevent loss of sensitive data.
  • Control who uses P2P applications, mobile devices, etc.
  • Ensure that endpoints are compliant with your security policies – antivirus, DLP, encryption, patch level, configuration, etc.
  • Remediate or quarantine non-compliant devices without user involvement.
  • Measure adherence with security policies, helping you demonstrate compliance with regulations like HIPAA, HITECH and PCI DSS.
  • Create on-demand or scheduled reports for management and auditors.
Threat control
  • ForeScout CounterACT includes ActiveResponse™ technology which protects your network from both known and unknown attacks with accuracy. This unique technology does not require signature updates or other forms of maintenance. ForeScout CounterACT provided zero-day protection even against the Conficker and Zeus trojans.
ControlFabric Integrations
  • ControlFabric enables ForeScout CounterACT and other IT solutions, such as endpoint protection, SIEM, VA, ATD and MDM systems, to exchange information and more efficiently mitigate a wide variety of network, security and operational issues. As a result, you can achieve continuous monitoring and mitigation capabilities that better leverage your infrastructure investments and optimize your IT resources. For example, the information generated by ForeScout CounterACT can be exported to your existing SIEM, GRC or reporting systems. Customers can also build custom integrations with the Open Integration Module.


ForeScout CounterACT enables healthcare organizations to implement a dynamic risk mitigation strategy founded on the principles of real-time endpoint intelligence, context-based access control and automated remediation. CounterACT’s unique capabilities give you an unbeatable combination of improved security, cost savings, and productivity gains.

Improve security
  • Reduce risk of infection by ensuring that endpoints are properly configured, antivirus is properly running and updated, vulnerabilities are patched, and the latest versions of software is installed.
  • Reduce risk of data loss by ensuring that encryption and DLP agents are running properly. Ensure that users with access to sensitive data are not able to run unauthorized applications or use peripheral devices (e.g. USB memory sticks).
  • Reduce risk of the unknown. Detect and monitor use of unmanaged devices such as smartphones, tablets, USB interfaces, and printers.
Save money
  • Reduce IT costs by leveraging automated processes for inventory management, guest registration, BYOD onboarding and remediation of compliance issues.
  • Avoid penalties associated with data leakage. A secure network, with secure endpoints, is less likely to suffer a data breach. Avoid financial penalties, impact to your corporate reputation, and potential federal, state and civil lawsuits.
Save time
  • ForeScout’s advanced automation operates without the need for manual intervention by IT administrators or users.
  • Realtime data and reports show you problems on your network right now, letting you take action while the problem still exists.
  • By improving your endpoint security posture, you will suffer fewer infections and avoid time-consuming drills to repair infected workstations.
Avoid disruption
  • Unlike traditional NAC products that disrupt users with heavy-handed security controls, ForeScout CounterACT offers a full spectrum of enforcement actions ranging from modest (notifications) to stringent (update software, kill processes or quarantine device). The range of enforcement actions helps you be more successful by working with users, not against them.
Low cost of ownership
  • Unlike traditional agent-based security systems, ForeScout CounterACT is a simple appliance that installs on your network.   It requires no software installation.   It can be deployed and functioning in one afternoon.
  • Vendor-neutral, infrastructure-independence eliminates need for expensive upgrades and prevents vendor lock-in.
  • Maximize value of existing security products and functions by automatically re-enabling any user-disabled endpoint security tools.
Gain coverage
  • Unlike traditional agent-based security systems, ForeScout CounterACT allows you to enforce security policies on all devices on your network – managed and unmanaged, corporate and personal, PCs and mobile devices.
  • ForeScout CounterACT works with what you have – your existing switches, routers, firewalls, endpoints, patch management systems, antivirus systems, directories, ticketing systems.
Accelerate results
  • ForeScout CounterACT provides useful results on Day 1 by giving you visibility to problems on your network. The built-in knowledge base helps you configure security policies quickly and accurately.
Reduce information silos
  • Your existing security and IT management systems have valuable information. By leveraging the ControlFabric ecosystem, you can break down these silos of information, better leverage your infrastructure investments, and optimize your IT resources.

Product Tours

Product Screenshots

Click image to enlarge.

Windows PC inventory with missing updates

ForeScout CounterACT shows you in realtime which PCs on your network contain vulnerabilities.

Virtual Client-unauthorized changes

ForeScout CounterACT can identify unauthorized changes to PC configurations or software.

Unauthorized processes

ForeScout CounterACT shows you which PCs are running unauthorized processes.

Unapproved Network WiFi device

ForeScout CounterACT identifies rogue WiFi devices.

Kill peer-to-peer user experience

ForeScout CounterACT lets you kill unauthorized software, keeping endpoint systems in compliance with your security policies.




Analyst Reports

Solution Briefs

White Papers

Best Practices Guide

Webinars and Webcasts

Competitive Analysis


Success Stories