Cisco Cisco Identity Services Engine 1.1 Guía De Información
© 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 1 of 3
Customer Case Study
EXECUTIVE SUMMARY
SENTARA
● Healthcare
● Norfolk, Virginia, USA
● 30,000 employees, 2,345 beds
● Norfolk, Virginia, USA
● 30,000 employees, 2,345 beds
CHALLENGE
● Safeguard confidential patient data
● Authenticate and authorize all legitimate
● Authenticate and authorize all legitimate
devices and users for network access
● Assign appropriate security policies for patient
data and clinical devices
SOLUTION
● Cisco Professional Services
● Cisco Identity Services Engine
● Cisco Identity Services Engine
RESULTS
● Smooth implementation of hospital-wide
security policies
● Compliance with security mandates
● Knowledge transfer to in-house staff
● Knowledge transfer to in-house staff
Cisco Increases Patient Data Security for
Healthcare Provider
Healthcare Provider
Cisco engineers help Sentara deploy new Identity Services Engine to enforce security
policies for patient records.
policies for patient records.
Challenge
Since its founding in 1888, Sentara Healthcare has flourished using
the latest technologies and practices to deliver outstanding medical
services. Today, Sentara operates over 100 facilities, including 10
hospitals, and is a leader in heart, kidney, and stroke care. Modern
Healthcare Magazine
cites Sentara as the nation’s most integrated
healthcare system; it is the only provider in the top 10 for all 14 years
of the magazine’s survey.
of the magazine’s survey.
Sentara relies on networked technologies to bolster its ability to
provide excellent patient care, and found that it could reduce costs
by replacing bulky computer pushcarts that caregivers move to and
from patient rooms with mobile, thin-client medical devices. Staff
could then move freely between patient rooms and use these
compact devices from the patients’ rooms.
compact devices from the patients’ rooms.
This solution, however, required a new security strategy. Sentara
had to identify and authenticate users and devices to help ensure
only authorized staff access hospital networks. It also had to segment critical patient care devices such as infusion
pumps and CT systems from clinical devices like its electronic medical records system, PACS imaging system, and
financial solutions. Because FDA mandates require that only manufacturers modify medical device software for
upgrades or develop security patches, Sentara had to prevent any inadvertent or unauthorized changes that could
disrupt system functionality and/or affect the integrity of patient-related information.
“To meet our stringent security needs, Sentara needs to dynamically lock down every network port, so our staff,
and only o
ur staff, can move about our facilities and use medical systems,” says Chad Spiers, director, Voice and
Data Infrastructure Services, Sentara. “We can’t let just anyone plug their own device into a port and access
highly-confidential patient records. We must identify every device and assign it an appropriate level of security
based on its functionality.”
based on its functionality.”
EDCS-1236286