Top Healthcare Education Institution Secures PII From Breach With Illumio
Being the IT organization at a top healthcare career school offering online education to a user body of 15,000 students and faculty is no small task. All users provide Personally Identifiable Information (PII) protected under regulation and subject to security compliance — at cloud scale.
To comply with standard regulations on securing PII, the school’s Senior Security Director sought to tighten up ringfencing of protected systems beyond perimeter firewalling to comply with standard regulations on securing PII. A dynamic user population demands dynamic user segmentation to databases.
But the degree of granularity needed was not possible to maintain when bound to firewalls on the infrastructure. Also, the change management and operational burden of using firewalls didn’t scale to the needs of the business.
“Being able to efficiently and safely enforce policy rules was paramount because we have so many people and systems. With firewalls, it could take months,” the Senior Security Director explained. “You have to use change control. If hardware goes down, you jeopardize the whole data center. It creates points of failure and complexity and puts a strain on the network staff. Every new database requires coordination.”
Security on the network with internal firewalling couldn’t keep up with cloud-based demand.
How Illumio helped
The tall order of finding the right segmentation solution that the team would be able to operationalize landed in the hands of their Advisory Systems Engineer who would ultimately operate it.
Illumio Core checked all of the boxes for both implementations — it was my first and final choice. It allows us to see all of the communication flows in our live production environment and to test firewall rules without facing outages. Advisory Systems EngineerHealthcare Education Institution
He chose a software-based approach with Illumio.
“I was interested in microsegmentation but did not want to use ACLs on network infrastructure, which would require a testing environment and outage windows,” said the school’s Advisory Systems Engineer. “At the same time, our security team wanted to start using the native security capabilities of our Windows servers. Illumio Core checked all of the boxes for both implementations — it was my first and final choice. It allows us to see all of the communication flows in our live production environment and to test firewall rules without facing outages.”
Using Illumio Core’s orchestration of the Windows Filtering Platform at the server level for enforcement prevents any network disruption — versus the outage risk of rules breaking applications introduced by using production firewalls.
Within the same day of deploying Illumio’s real-time application dependency map, the team could visualize traffic flows across their data estate. Illumio allows them to create logical policies, test them before enforcement, secure their systems from breach at cloud scale and without re-architecting the network.
Results and benefits
- No re-architecting
Illumio’s host-based solution allows the team to test and enforce policy with no impact on the network and no downtime.
- Total visibility
From visualizing traffic flowing across their data estate with the application dependency map, the team discovered “unknown unknowns” on day one of deployment.
- Proven segmentation
They gained the dynamic visibility and control needed to secure PII with granular, compliance-grade segmentation.
- Flexible granularity
Beyond user segmentation, the team is working towards environmental separation to prevent developers from working in a production environment — a risk no web-scale business can take.
Large Medical Group Enables Healthcare Compliance With Illumio
A large medical group prevented unauthorized access to PHI and ensured third-party hosted data was policy compliant.
Fortune 100 Healthcare Service Manages Critical Divestiture With Illumio
A healthcare service company used Illumio's real-time map and segmentation to secure data center assets after selling part of its business.
Top Health Insurance Provider Boosts Cyber Resilence With Illumio
Zero Trust Segmentation provides an additional layer of protection for the insurance critical systems and proves vital for compliance.
Ready to learn more about Zero Trust Segmentation?