Leeds and York Partnership NHS Foundation Trust

Overview

Leeds & York Partnership NHS Foundation Trust (LYPFT) provides mental health and learning disability services to the people of Leeds and across the Yorkshire and Humber regions of the United Kingdom.

Established as a National Health Services (NHS) Foundation Trust in August 2007, LYPFT merged the mental health and learning disability services from NHS North Yorkshire and NHS York in February 2012, becoming the organization it is today.

LYPFT works closely with a wide range of partners in local communities to ensure its services reach those in need. It also provides specialist inpatient care for young people through its Child and Adolescent Mental Health Services (CAMHS) program. As a teaching trust, the organization has strong links to local universities and maintains a reputation as a center of excellence for innovation, research and development.

Challenge

In 2010, LYPFT embarked on a project to manage costs, which affected all facets of the organization. IT budgets were adjusted, leading to a change in web security and the implementation of Cisco IronPort.

Dave Martin, IT Support Analyst at LYPFT, explained that Cisco was contracted to provide networking services such as routers and switches. LYPFT used IronPort strictly as a perimeter protection tool—it was relatively low-cost and given the budget initiatives, it seemed like the appropriate choice at the time.

However, the IronPort solution introduced a number of operational challenges for LYPFT. The level of expertise needed to manage IronPort put a significant and unexpected strain on LYPFT’s IT resources. The IronPort solution also lacked the necessary reporting capabilities—which caused issues between the IT and Human Resources departments because of delays in generating information relating to employee website usage.

There were also concerns about reports being inundated with sizeable amounts of irrelevant information. For example, if a disgruntled employee breached the company’s terms of employment, it would take several hours, even days, to gain the relevant information needed as evidence.

“We needed gateway protection that would not only help generate reports quickly and easily, but also provide useful information on what we’ve seen from the highly advanced threats on our network.”
— Dave Martin, Leeds and York Partnership NHS Foundation Trust

Aside from reporting, LYPFT needed advanced threat protection from ransomware attacks, a prevalent type of malware that many UK businesses currently face. During that time, LYPFT experienced an uptick of attacks similar to the recent spate of attacks on US healthcare organizations, which successfully targeted a considerable number of LYPFT employees.

Solution

Like many public sector organizations, LYPFT faced budget cuts, which made the Trust’s decision-makers cautious about which security solution to deploy. MTI, a global provider of security technologies and services, stepped in to help the organization make a sound decision.

MTI has been a platinum partner with Forcepoint since 2000 and has a wealth of skills around its security technologies. Because of its long-term working relationship with Forcepoint, MTI was able to negotiate a price that fit into LYPFT’s budget, leading to the successful implementation of Forcepoint Web Security.

“IT security is clearly a priority and, as such, budget can be made available. Initially, we thought Forcepoint would be a bit beyond our reach. MTI’s ability to help us negotiate a price was invaluable and made all the difference between whether we could use it or not. Implementation was straight forward and it’s clear that MTI has a lot of expertise.”
— Martin

With the help of MTI, Martin identified Forcepoint Web Security as an industry-leading, unified platform for reporting, sandboxing and data loss prevention (DLP). Evolving, targeted social engineering tactics are countered with the monitoring and reporting capabilities of Forcepoint Web Security.

Results

Although recently founded, the strength of the relationship between LYPFT and MTI is already apparent. MTI has carried out the largest number of Forcepoint implementations in the UK, using its experience to bring a superior level of expertise to LYPFT.

“Ransomware threats are no longer an issue at LYPFT because of Forcepoint Web Security's market-leading data loss prevention solution, which can be deployed in the Cloud, hybrid or on-premises. Forcepoint provides an extra layer of security with detection that stops advanced, non-signature threats such as new strains of ransomware.”
— Martin

In addition, LYPFT is now able to meet reporting requirements more quickly and easily. Forcepoint Web Security has reduced reporting time from several hours to just minutes.

“We can now produce reports within 40 minutes; they are to the point and without any ‘white noise.’ This has satisfied HR, making day-to-day operations easier on everyone. To summarize, Forcepoint is used across about 2,000 devices so to be able to garner the detail we need in such a short time is a great advantage.”
— Martin

The monitoring and reporting tools of Forcepoint Web Security protects LYPFT against the newest advanced threats such as ransomware, while improving operational efficiencies for IT staff responsible for managing defenses. The organization can now detect and defend its network from such attacks before they have a chance to interrupt operations.

LYPFT has relied on Forcepoint security solutions since 2016.