Client

Ephraim McDowell Health is a comprehensive healthcare delivery system that serves over 119,000 residents across 6 counties in central Kentucky. They offer three hospitals:

  1. Danville – Ephraim McDowell Regional Medical Center
  2. Stanford – Ephraim McDowell Fort Logan Hospital
  3. Harrodsburg – Ephraim McDowell James B. Haggin Hospital

These hospitals are equipped with the most advanced medical technology and staffed by highly-skilled providers. All three Emergency Departments are verified Trauma Centers with 24-hour care. Ephraim McDowell Health is committed to helping people live better through quality health care and trusting relationships.

Challenge

Healthcare organizations are attractive targets to cyber-criminals due to the vast amount of personal information they collect and store. Criminals can use this data to commit identity theft and then obtain expensive prescription medications and devices. Additionally, they can claim fraudulent insurance benefits. Ransomware crews have targeted healthcare and public safety organizations. They’ve done this in an effort to increase their chances of collecting from victims where downtime could mean life or death. Even amidst these threats, Security Operations are difficult to fund and staff. Healthcare IT departments are challenged to provide services to a variety of constituents, support EMR and other core IT services, as well as meet compliance and regulatory requirements from HIPPA. 

A large guest population of patients and physicians, and on-net applications/devices from various vendors and partner connections, create a challenging volume of traffic to monitor. Without a centralized logging system or a SIEM (Security Information and Event Manager) it was difficult to hunt threats, investigate alerts and create alerts from correlated sources.

Solution

Volta proposed to create monitoring and alerting across the customer’s security controls and network infrastructure. A solution like this would improve visibility and mitigate risks. Volta recommended installing a SIEM to allow Volta to collect, correlate and extrapolate the effects of an alarm or outbreak. They would then conduct a vulnerability assessment to address gaps. With these improvements, Volta aimed to become an extension of Ephraim McDowell’s IT team.

Results

Since engaging Volta to implement managed security services, Ephraim McDowell has reduced their mean time to remediation significantly because they have reduced their mean time to know. That new visibility comes from security dashboards for alerts and monitoring. Volta also delivered device and policy configuration for all security assets, as well as web policy and email policy violations reporting. Volta’s Security Managed Services have provided a platform to collect, store and react to events in the present – as well as a tool to investigate and correlate events from the past.

In conclusion, having a partner help operate, administer and maintain network/security infrastructure helps the Ephraim McDowell staff focus on more strategic initiatives with peace of mind.