Secure SSL connections and firewalls are not enough
Many security solutions require special software on workstations, “Secure SSL connections and ﬁrewalls are not enough which creates an extra security layer. Furthermore, you are not allowed to install third-party software on a lot of medical devices. We opted for Tesorion Immunity because you don’t have to install anything on the workstations.
Gerrit ten Harmsen, ICT-adviseur Gelre Ziekenhuizen
Gelre hospitals, with 3,300 employees, 180 medical specialists, 300 volunteers and a catchment area of more than 280,000 residents, is one of the larger hospitals in the Netherlands. There are two hospitals: one in Apeldoorn and one in Zutphen and three outpatient clinics.
They have been using Tesorion Immunity since early 2014. This prevents unauthorised persons from being able to connect to the Ethernet and gaining access to applications and conﬁdential data. According to internal IT consultant Gerrit ten Harmsen, it is the perfect solution to ensure compliance with NEN 7510.
”At the hospital, it is Gerrit who has responsibility for the choice and roll-out of Tesorion Immunity. It was technology partner, Imtech ITC, who alerted him to Tesorion’s product.”
A shutdown of the entire network would be disastrous for our service.
Or you might have a situation where an employee connects their personal laptop which is infected. A hospital cannot afford to have these types of security breaches.
“NEN 7510 states that you must take appropriate measures to prevent any breaches in data security,” he says. “This means that you have to secure the IT network in such a way that you can identify who is active on the network and when. Secure SSL connections and ﬁrewalls are not enough. They only protect against intruders trying to gain access via the Internet.”
In order to serve visitors, patients, staff and medical equipment via the same network, security is crucial.
Data breaches are not allowed
“You have to close the doors on the inside as well.” Anyone in the hospital can pull an Ethernet cable out of the wall socket and plug their own in. Or you might have a situation where an employee unwittingly connects their personal laptop which is infected. A hospital cannot afford to have these types of security breaches.”
By the book
Gerrit is exceptionally pleased with the implementation process. “Everything went exactly according to PRINCE2. Firstly, we formulated the speciﬁcations and requirements and set the targets. A blueprint was then drawn up, tested, documented and delivered, all by the book. All this was completed within a few months. At our request, Tesorion also incorporated additional functionality, allowing us to conﬁgure for every individual Ethernet port which device has access. Trying to connect an unauthorised device to the network will not work.”
“After the handover, we were able to roll out the solution at our own pace across the 10,000 switch ports in Apeldoorn and Zutphen. If necessary, we can contact the service desk. Contacting them is very easy and they respond quickly and efﬁciently.”
“We are an open hospital,” according to Gerrit. “In order to serve visitors, patients, staff and medical equipment via the same network, security is crucial. By using Tesorion Immunity we have taken one step towards closing the internal door.”