Share this
Healthcare IT and Microsegmentation - a Main Line Health Case Study
by William Toll on Jun 27, 2024 7:31:39 PM
Recently Elisity with the support of H-ISAC hosted a live online discussion with Aaron Weismann, CISO of Main Line Health and Marty Overman, Head of Worldwide Sales at Elisity.
Title: Microsegmentation: Why It Matters and How to Do It with No Disruption | Listen to the Replay Now
The discussion centered on Main Line Health’s desire to greatly improve its network security program to prevent ransomware or other attacks from moving laterally, east-west, across its network. The project's top guiding principle was to avoid any disruption to patient care and the change control windows and downtime of a traditional deployment.
In the discussion, you’ll hear Aaron’s overview of their journey to a microsegmentation architecture, including attempts at implementing traditional Network Access Control (NAC) controls, which included the need to hire a team of specialists, a long project rollout across all of their of locations and tens of thousands of managed and unmanaged IoT, and IoMT devices. Aaron was given the budget and encouragement by the board, who asked about microsegmentation themselves; they, too, knew there was “not much that has a better ROI.”
Listen to the replay and learn how Aaron and his team were able to:
- Understand why microsegmentation is so critical to hospital networks and health systems as they evolve to have bio-medical devices that have telemetry
- Deploy Elisity across 130 practices and 24 locations in less than one year
- Achieve a “clean” network with good hygiene and improve their Configuration Management Database (CMDB)
- Create, simulate, and test policies for devices, applications, and users before the rules were enforced without policy enforcement anxiety
- Ensure a “dynamic” policy model allows for medical devices to travel with people across multiple facilities
- Enhance their Armis implementation with Elisity’s two-way syncing of Armis device metadata
- Build consensus among Doctors and Nurses as well as Network Architects, Security, Risk, Legal and Financial teams
- Conduct a “simulated ransomware attack drill” where staff switch to pen/paper as the cover for updating core switch software
- Lead the effort to create a regional community of healthcare organizations and run tabletop exercises to ensure best practices, uptime, and reliability in the case of adverse events.
If you would like to see how Elisity can greatly accelerate your microsegmentation efforts, request a demo.
Share this
- Blog (30)
- Cybersecurity (13)
- Zero Trust (12)
- Enterprise Security (10)
- Identity (5)
- Elisity (4)
- Enterprise Architecture Security (4)
- Network Security (4)
- Remote Access (4)
- microsegmentation (3)
- Black Hat (2)
- Identity and Access Management (2)
- blogs (2)
- Adaptive Trust (1)
- MITRE (1)
- News (1)
- Software Supply Chain Security (1)
- case study (1)
- cyber resilience (1)
- September 2024 (2)
- August 2024 (3)
- July 2024 (4)
- June 2024 (2)
- April 2024 (3)
- March 2024 (2)
- February 2024 (1)
- January 2024 (3)
- December 2023 (1)
- November 2023 (1)
- October 2023 (2)
- September 2023 (3)
- June 2023 (1)
- May 2023 (3)
- April 2023 (1)
- March 2023 (6)
- February 2023 (4)
- January 2023 (3)
- December 2022 (8)
- November 2022 (3)
- October 2022 (1)
- July 2022 (1)
- May 2022 (1)
- February 2022 (1)
- November 2021 (1)
- August 2021 (1)
- May 2021 (2)
- April 2021 (2)
- March 2021 (3)
- February 2021 (1)
- November 2020 (2)
- October 2020 (1)
- September 2020 (1)
- August 2020 (3)
No Comments Yet
Let us know what you think