Leading healthcare provider minimizes risks of expanding IoT attack surface – 66% previously unknown devices identified on network
SAN JOSE, Calif., Dec. 15, 2021 – Forescout Technologies, the leader in Active Defense for the Enterprise of Things, today announced that University Health Network (UHN) has deployed the Forescout platform to reduce the risk of ransomware and breach of medical records, maintain regulatory compliance and accelerate its adoption of Zero Trust security. UHN is Canada’s largest public research and teaching hospital network with close to 20,000 employees and over 40,000 devices across four hospitals and other facilities.
UHN implemented Forescout’s technology to obtain unparalleled device visibility, automate security policy enforcement and streamline the integration across multiple network security solutions. UHN deployed the Forescout platform quickly, with 90% of UHN’s devices classified out of the box within the first week. Within just one month, UHN’s security team had classified the remaining devices across the entire enterprise. Before implementing Forescout, UHN estimated that the organization had around 24,000 total devices. Once deployed, however, Forescout discovered more than 40,000 devices, which was approximately 66% more devices than UHN expected. With Forescout in place, UHN maintains a real-time inventory of every asset connected to its network, as well as being able to isolate devices by type or use. Forescout’s seamless integration across multiple cybersecurity solutions allows UHN to quickly identify and remediate compromised devices when a security alert is triggered.
“Any large healthcare organization today needs a strategy to deal with the exponential increase in the number of IoT devices and ever-increasing volume of sophisticated threats, including ransomware. Forescout offers a truly differentiated and powerful solution that helps us secure our organization with continued innovation and a stellar customer experience,” said Kashif Parvaiz, Chief Information Security Officer, University Health Network. “The ability to remotely find the infected device and immediately neutralize or quarantine it to keep the network safe has been a game-changer – our SOC typically responds to a ransomware incident in minutes instead of hours.”
UHN has a wide range of medical IoT devices, from patient monitoring to laboratory analysis, as well as non-clinical IoT devices such as building automation systems. Many critical patient care systems require legacy operating systems while many clinicians continue to procure state-of-the-art devices, creating a complex environment to manage and secure. To protect its patients and maintain compliance with PHIPA, HIPPA, and PCI, UHN needed to gain full visibility across its network, quickly block unauthorized devices, and segment critical devices.
“There has never been a greater sense of urgency for large healthcare organizations to focus on their cybersecurity strategy given the dramatic increase in attacks over the past year,” said Tamer Baker, Forescout’s vice president of Global Healthcare. “Forescout’s 20+ years of device intelligence and automated cybersecurity governance makes our platform the solution of choice for the healthcare sector. It is truly a pleasure to partner with UHN and many other healthcare organizations to help them achieve their security goals, including mitigating the risk of ransomware and accelerating Zero Trust security.”
“Forescout shows us exactly what is on our network and empowers us to respond to incidents faster and with the most appropriate action. We also really appreciate that a single platform also paves the way to dynamic network segmentation and Zero Trust,” continued Parvaiz.
Forescout Technologies, Inc. actively defends the Enterprise of Things by identifying, segmenting and enforcing compliance of every connected thing. Fortune 1000 companies trust Forescout as it provides one of the most widely deployed, enterprise-class platforms at scale across IT, IoT and OT managed and unmanaged devices. Forescout arms customers with extensive device intelligence, data and policies to allow organizations across every industry to accurately classify risk, detect anomalies and quickly remediate cyberthreats without disruption of critical business assets. Don’t just see it. Secure it.