Milpitas, Calif. – January 26, 2009 – ConSentry Networks announced today that Lenox Hill Radiology & Medical Imaging Associates P.C. has migrated its LAN edge to LANShield™ Switches to protect sensitive medical records and restrict access to medical machines. Lenox Hill performs radiology exams on more than 700 patients a day, and all output from these tests is digital. The facility digitally delivers these results, both images and doctors’ reports, to physicians, healthcare practitioners, researchers, universities, and hospitals throughout the area. As a result, critical data needs to traverse both Lenox Hill’s and the partnering facilities’ networks, a situation that raises serious security issues.
“We often depend on our partnering networks for transmission, but we had no way to control those third-party networks,” said Joe Funaro, director of IT at Lenox Hill Radiology. “I needed a way to protect our infrastructure and secure the data, and I needed to do it independently of the application in use and with an eye to protecting all medical records. With ConSentry’s switches, I gain that consistent access control and data protection.”
Funaro notes that the healthcare industry suffers some unique security challenges, in part due to the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). “Most applications aren’t designed with security built in,” he said. “I needed network-level protection that would apply access control regardless of the internal structure of any given application.”
Funaro was also concerned about protecting medical records. “Clearly you have to protect everyone’s privacy, but celebrity medical records in particular present an attractive target for snooping,” noted Funaro.
In his search for access control and data protection, Funaro consulted BatBlue, whose staff has helped Funaro design and implement security, wireless, and LAN connectivity for years. BatBlue was able to offer Funaro a managed security service based on the ConSentry platform to further simplify the deployment at Lenox Hill.
“We were able to quickly identify the access policies Lenox Hill needed to protect medical records and restrict access to its MRI and other radiology devices,” said Babak Pasdar, CEO at BatBlue. “The ConSentry platform provides a great foundation for helping our customers implement LAN-based controls. The LANShield devices offer tremendous flexibility and yet very granular control, so our customers just define their business requirements, and we’re able to create the right policies on the LANShield platforms.”
ConSentry provides intelligent control, delivering a complete understanding of users, the applications they are running, and the resources they are accessing, including details such as file names and URLs. The LANShield Switch authenticates users and devices against standard identity stores and automatically learns their roles. For each traffic flow, the switch identifies the application and destination involved and applies policies based on the user’s role.
The ConSentry InSight Command Center provides centralized policy creation and distribution, and it also aggregates data from the LANShield devices to provide a full record of all LAN activity. BatBlue runs InSight on behalf of Lenox Hill and its other customers to monitor user activity and policy violations. InSight graphically summarizes key events and provides detailed drill-down Layer 7 views when required. With InSight, BatBlue can provide rapid incident response, complete audit trails down to individual user activity, and reporting to its customers.
“Lenox Hill Radiology, like many healthcare providers, has benefited from ConSentry’s simple approach to controlling access to IP-based devices and medical data,” said Rod Kay, executive vice president of sales and marketing at ConSentry. “Only by working with strong partners in the channel like BatBlue can ConSentry reach the customer breadth needed to drive our business.” |
