AUSL Modena is a public healthcare organization established in 1994 after the merger of six pre-existing local healthcare units. The organization spans the Modena province with the majority of facilities in the Emilia-Romagna region. Emilia-Romagna covers an area of 2,690 square Km and more than 700,000 people.
The organizaiton is divided into seven social-health districts (based on their geographical location) and four hospitals. Each hospital is directly managed and integrated into a network which includes Sassuolo’s Hospital, Modena University Hospital and S. Agostino- Estense di Baggiovara General Hospital.
AUSL Modena’s staff is around 8,800 operators, while its onsite end-user base is around 5,000, spread out over 300 local offices.
AUSL Modena understands that many advanced threats reach their target by web and email. The spread of viruses and ransomware like cryptolocker (in all its variants) is the most direct evidence of the attention that organizations must pay close attention to end-user behavior.
“Cryptolocker is a high-level threat for us. In the not-too-distant past, this malware caused a breach in our systems and we had to shutdown our systems for an extended period of time in order to remove the malware and recover all of our assets.”
— Stefano Bravi, IT Infrastructure Manager, AUSL Modena
Protecting the person behind the data
AUSL needed to change its web and email security strategy in order to better manage the appropiate channels. In addition, it needed to integrate with the nearby Modena University Hospital and its 3,000 workstations, focusing more on end-users and less on terminals:
“We needed to raise the security level to protect our end-users. This meant increasing user education and eliminating risky user behavior.”
More accurate control over web browsing and email use
AUSL Modena is one of the many organizations that, in recent years, chose to start revising its web browsing and spam management dedicated solutions in order to align to a changing, more advanced security landscape of threats:
“We started with a proxy server solution for web browsing, monitoring, and, frankly, unstructured technologies to block spam through the email channel. We decided to make a radical change, not only because of the obsolescence of our current solution, but to achieve more precise control.”
In a public healthcare organization, a large amount of attention and resources is dedicated to the protection of the its sensitive data, i.e. patient records administrative and privacy compliance data. An advanced solution for web and email security is essential to assure the adequate prevention of possible data incidents:
“For us it was important to have a single solution to cover both channnels, web and email, with granularity while having the reliability and support of a trusted security vendor.”
For these reasons, AUSL Modena chose Forcepoint Web Security and Email Security, while Forcepoint’s partner, IFIConsulting, provided consulting services for design, deployment and technical support.
On the web browsing side, the Forcepoint solution led to a better definition of access privileges, emphasizing the improvement in IT response times, but also the effectiveness of malicious sites reported. Forcepoint’s Advanced Classification Engine (ACE) and ThreatSeeker Intelligence, work together in real time to accurately identify and classify network traffic, apply correct procedures and detect threats. Similarly, the advanced defense technologies included in Forcepoint Email Security works to detect and prevent targeted attacks and high-risk users:
“The numbers speak for themselves. Within twenty-four hours, the solution had blocked almost 120,000 malicious emails, which means 85% of our email traffic and around 30 GB of messages. We didn’t expect such a quick ROI, but this has reassured our trust in the effectiveness of the Forcepoint solution.”
Automated and effective security with Forcepoint solutions
These results are also backed by a better use of internal resources. Once over burdened by ineffective rules and controls, tasks are now automatically delegated to the Forcepoint solution. AUSL Modena recorded a dramatic drop in the number of interventions required by end-users to remove malware from their desktop:
“After the Forcepoint deployment, we have seen, almost immediately, the effectiveness of having the right security solution in place. We are so happy of our choice that we are now considering a migration to Forcepoint’s cloud services.”
Forcepoint Web Security and Email Security has raised the security level of AUSL Modena’s sensitive data and has effectively provided an advanced solution to web and email channels.