Miami Children’s Hospital

View Miami Children’s Hospital Study

“ForeScout was the only company that could meet all of the hospital’s requirements. In any regulated environment like ours that requires control over threats, ForeScout CounterACT provides tremendous value.”

- Alex Naveira, Information Technology Security Officer, Miami Children’s Hospital

Challenge:
  • Miami Children’s Hospital is a world leader in pediatric healthcare with a medical staff of more than 650 physicians and over 2,000 employees. The hospital has more than 5,000 devices accessing its network at any given time including computers, phones using wireless VoIP, and clinical devices including MRI machines and CT scan devices.
  • The hospital had previously installed a first-generation network access control system, but it was very laborious to maintain, and it did not provide adequate security.
  • Their goal was to find a more efficient and effective way to control network access and ensure endpoint compliance.
Solution:
  • The hospital’s priorities included enforcing security policies to allow only corporate-owned devices on the main network that have: up-to-date antivirus, OS, and application patches, and users were unable to store data to unencrypted hard drives or removable media – helping control confidential patient data as required by HIPAA
  • Miami’s Children’s Hospital conducted extensive research and found CounterACT to be the only solution that could meet all of its requirements for network access control and endpoint compliance.

“CounterACT segregates the hospital’s networks to control what transfers from one network to another, optimize performance, and maintain data security,” and for endpoint compliance because “CounterACT is highly accurate, and does its inspection in real-time.”

Results:
  • Time Savings

“ForeScout CounterACT is a huge improvement from the previous NAC system that we had in place. CounterACT is more highly automated and far easier to maintain.”

  • Better Visibility

“Once the CounterACT appliance was in place, it was very enlightening!  We thought we had 3,000 devices on our network, but when we plugged in the CounterACT appliance, we found 5,600 devices! That alone was a huge benefit. Now we have eyes into what is out there, and we can develop rules to segregate the devices and their access privileges.”

  • Stronger Threat Control

“CounterACT found a virus on a corporate-owned laptop. The device had out-of-date antivirus and out-of-date patches, and it got infected at an Internet café.  When the device connected to the hospital network, CounterACT identified the virus quickly and moved the device to quarantine VLAN to protect our network. Day to day, in an environment like ours, we need this kind of threat prevention.”

  • Improved Endpoint Compliance

“One afternoon, CounterACT alerted us that many of our virtualized servers were non-compliant with our security policies. This was due to a simple mistake made by our datacenter team—they forgot to include antivirus in the new virtual machine configuration that they had rolled out that afternoon. The virtualization team were able to quickly fix the problem, and they thanked us for discovering the gap.”