About The Customer
A leader in the healthcare analytics market handled sensitive data on patients and employees, as well as critical intellectual property of its own. When several key partners – including a major insurer – saw a rise in cyberattacks seeking protected health information (PHI), they recommended that the company implement Data Loss Prevention (DLP) and Endpoint Detection & Response (EDR) solutions on an aggressive timeline.
The Business Challenge
Healthcare analytics organizations collect data from providers, insurers, pharmaceutical companies, and patients to discover methods for improving patient outcomes while also improving operational efficiencies. The data exists in multiple formats and is highly sensitive, including specific diagnoses for patients, insurance claim information, and confidential clinical trial data. Some data types are subject to regulatory standards only when paired with other data (e.g., diagnoses paired with patient identifiers).
Several of the company’s largest partners requested the deployment of both DLP and EDR within an 18-month window to ensure sensitive data was used properly internally and to prevent data theft.
The company had a small security team, but recognized it was not prepared to manage both DLP and EDR with its existing resources. In their words, “getting budget for security solutions was simple compared to getting budget for additional personnel.” In short, they needed a partner that could act as their security experts and provide oversight and guidance for protecting their data.
Critical Success Factors
- Satisfy partner’s recommendation for DLP and EDR
- Minimal impact on internal security resources
- Visibility to all data use throughout the environment and through egress points
- A partner with demonstrated experience managing sensitive information for customers
The Solution
The company knew Fortra™’s Digital Guardian® by reputation through its existing business partners and conducted an extensive proof of concept with Digital Guardian and another vendor. The process demonstrated Digital Guardian’s expertise in designing policies to meet the company’s requirements, and its ability to provide visibility to data throughout the environment and to provide alerts and remediation guidance when required. Digital Guardian’s ability to deliver DLP and EDR with a single agent simplified deployment and overhead on the endpoints while accelerating compliance efforts.
When alerts occurred, Digital Guardian’s Managed Security Program (MSP) team was able to quickly identify any changes on endpoints, including whether any new processes were launched and if any additional endpoints were affected. Before Digital Guardian, the company was “blind to these events.”
The granularity of policies available in Digital Guardian also impressed the company. Previously they prohibited the use of cloud storage services like Dropbox out of concern that sensitive data could be exfiltrated. This forced employees to request one-off exceptions from security repeatedly when they needed to send large files. This often caused users to view security as a blocker in the business and created unnecessary friction between security and the business units. With Digital Guardian, the company could allow departments or individuals access to these services, while still protecting uploads that included PHI or other sensitive data.
The Results
Digital Guardian’s visibility to all sensitive data and control over its use allowed the company to achieve compliance with its partner’s request ahead of schedule. The Digital Guardian MSP team’s ability to create policies that protected data while supporting the company’s business goals provided that compliance with minimal staffing impact. In the words of the company’s Director of Information Security, implementing Digital Guardian allowed the company’s security team to become a partner of the business side of the organization instead of being “a destination of ‘no’”.