Ephraim McDowell Health is a comprehensive, integrated healthcare delivery system that serves more than 119,000 residents from six counties in central Kentucky. They offer three hospitals – Ephraim McDowell Regional Medical Center in Danville, Ephraim McDowell Fort Logan Hospital in Stanford and Ephraim McDowell James B. Haggin Hospital in Harrodsburg. These hospitals are equipped with the most advanced medical technology and staffed by highly-skilled providers. All three Emergency Departments are verified Trauma Centers with 24-hour care. Ephraim McDowell Health is committed to helping people live better through quality health care and trusting relationships.
Healthcare organizations are attractive targets to cyber-criminals, which is due somewhat to the vast amount of personal information they collect and store. Criminals can use this data to commit identity theft and then obtain expensive prescription medications and devices, as well as fraudulent insurance benefits. Ransomware crews have targeted healthcare and public safety/services organizations in an effort to increase their chances of collecting from a victim where downtime can literally mean life and death. Even amidst these threats, Security Operations are difficult to fund and staff. Healthcare IT departments are challenged to provide services to a variety of constituents, support EMR and other core IT services, as well as meet compliance and regulatory requirements from HIPPA.
A large guest population of patients and physicians, and on-net applications/devices from various vendors and partner connections, create a challenging volume of traffic to monitor. Without a centralized logging system or a SIEM (Security Information and Event Manager) it was difficult to hunt threats, investigate alerts and create alerts from correlated sources.
Volta proposed to create monitoring and alerting across the customer’s security controls and network infrastructure to improve visibility and mitigate risks. Volta recommended installing a SIEM, which would allow Volta security monitoring to collect, correlate and extrapolate the effects of an alarm or outbreak. They would then conduct a vulnerability assessment to address gaps. With these improvements, Volta aimed to become an extension of Ephraim McDowell’s IT team.
Since engaging Volta to implement managed security services, Ephraim McDowell has reduced their mean time to remediation significantly because they have reduced their mean time to “know” with security dashboards for alerts and monitoring. Volta also delivered device and policy configuration for all security assets, as well as web policy and email policy violations reporting. Volta’s Security Managed Services have provided a platform to collect, store and react to events in the present – as well as a tool to investigate and correlate events from the past.
Having a partner help operate, administer and maintain network/security infrastructure using best practices helps the Ephraim McDowell staff focus on more strategic initiatives with peace of mind.