Jakub Jirsák – stock.adobe.com
NHS Scotland has signed up Check Point to secure and streamline the management of sensitive health data held in the cloud, and bring the hyperscalability needed to support the rapid roll-out of its Covid-19 apps and services, and incoming vaccine management systems.
With the volume of data it generates having increased tenfold since 2015, NHS Scotland has been on an 18-month journey to move its healthcare data and services into the Microsoft Azure cloud. Securing this data is clearly becoming ever more important and it has become crucial to ensure visibility into the information, who has access to it, where it is being shared, and what is done with it.
Thanks to the devastating WannaCry incident, this process was already well in hand, but this was reckoning without the impact of the Covid-19 pandemic. Since the spring of 2020, NHS Scotland’s cloud infrastructure has needed to power the Test and Protect services across Scotland, and the Protect Scotland contact tracing app.
NHS Scotland is also now developing new systems to schedule and manage the Covid-19 vaccination process, so it is now even more critical that these services are completely secured, given the laser focus of malicious actors on healthcare.
Deryck Mitchelson, CISO at NHS Scotland, said the organisation’s selection of Check Point’s CloudGuard – which it has already been using on-premise – would now be key in enabling it to add new cloud workloads and services now and in the future without having to constantly review and deploy new security infrastructure.
“This means we can focus on the critical public-facing tasks where we can add real value, such as developing and running Scotland’s Test and Protect services,” said Mitchelson. “Right now we are building our vaccination management systems, and our cloud-first approach gives us the agility and scalability we need to roll it out nationally while being sure that data and services are secured.”
The organisation has implemented a version of Check Point’s cloud security blueprint and is using CloudGuard infrastructure-as-a-service (IaaS) in a so-called hub-and-spoke model, where endpoint protection pushes data back and forth via centralised hubs to all the various health boards (the spokes) that it is protecting. Check Point said this enabled improved visibility, and appropriate segmentation within NHS Scotland’s Azure cloud.
CloudGuard also provides data loss protection features, which means NHS Scotland can better support its compliance with the General Data Protection Regulation (GDPR).
Meanwhile, Check Point Maestro is delivering the hyperscale features needed by NHS Scotland, enabling it to expand security gateways to hyperscale capacity on demand, while SandBlast Zero-Day Protection is in use to guard against new malware, zero-day and targeted attacks from getting through in real time.
Mitchelson said: “To protect Scotland’s health data, we need to ensure the data is secure at every point of entry. Having next-generation firewalls that are scalable and give us that protection is exactly what we need built on top of the public cloud.
“One of the things I liked with Check Point is its integration with the SIEM vendor we’re working with. That means that we don’t have to go and actually start writing and creating configurations, it just links in and just automatically starts to work.
“Health data is probably Scotland’s most valuable asset, so it’s essential that it remains absolutely secure wherever it is being stored or accessed. We now have much more visibility than we had before we implemented the Check Point solutions. We can really understand where the data is and who is accessing it, from where, and ensure it is protected at every point of entry.”
In this e-guide, we will explore the links between ransomware attacks, data breaches and identity theft. First, Nicholas Fearn investigates the phenomenon of the double extortion attack, and shares some insider advice on how to stop them, while we’ll explore the top five ways data backups can protect against ransomware in the first place.
As mergers and acquisitions go virtual due to COVID-19, the C-suite should include CISOs to help identify security risks, …
Antitrust forces expect the Biden administration to pursue federal antitrust litigation and lawmaking. But Biden and Vice …
Heading into 2021, IT leaders must take the reins of their organizations’ digital transformation efforts. Bestselling author …
Security researchers discovered the Orion DLL component containing the backdoor used was still present in updates on SolarWinds’ …
Remote worker data security has quickly evolved into a top concern for IT security. Here are six strategies to ensure remote …
While the scope of the breach is still unknown, the cyber attack on SolarWinds shows what can happen when sophisticated attackers…
Most enterprises have siloed departments, but SASE’s convergence of network and security functions could disrupt those constructs…
Say hello to software-defined home, a ‘branch of one’ package that combines professional-grade Wi-Fi, security, SD-WAN and …
IP addressing and subnetting are important and basic elements of networks. In this article, learn how to calculate a subnet mask …
UPSes are crucial components to any backup power system. Use power ratings, infrastructure voltage requirements and the UPS type …
The colocation market is poised for growth, alongside the higher-visibility cloud computing sector. Find out why with our data …
Even with structured pricing methods, there’s a lot to consider when making colocation infrastructure purchases. Account for …
See how data anonymization best practices can help your organization protect sensitive data and those who could be at risk if …
At AWS re:invent 2020 the public cloud giant unveiled enhancements to its database and analytics portfolio, including the …
Firebolt, a new challenger to established cloud data storage vendors including Microsoft and Google, launched recently after …
All Rights Reserved, Copyright 2000 – 2020, TechTarget
Privacy Policy
Cookie Preferences
Do Not Sell My Personal Info
