University of Kansas Hospital: A Cisco Umbrella Case Study

University of Kansas Hospital: A Cisco Umbrella Case Study

The challenge: gaining transparency to secure sensitive data

Ranked among the nation’s best hospitals every year since 2007 by U.S. News & World Report, The University of Kansas Hospital is the region’s premier academic medical center. Physicians teach as faculty members at the KU School of Medicine and are at the forefront of medical discoveries taking place at the KU Medical Center, a research leader in cancer treatment and prevention, neurology and liver and kidney transplantation.

Like every hospital, University of Kansas Hospital prioritizes its IT security as to avoid threats such as malware from affecting or theft of its patient’s sensitive data.  This means that they have to safeguard every medical device that is connected to their network, any compromise to this could cause a life-or-death situation.  Besides this, as an academic hospital as well, they also deal with a lot of sensitive research data and intellectual property.

When the time ransomware was beginning to impact hospitals around the world, University of Kansas Hospital started to look for security solutions that would help deliver their commitment for the best possible healthcare experience.  This led them to realize that visibility was a major challenge and attacks were starting from DNS.

The solution: security that starts at the DNS layer

To start improving the existing security design, University of Kansas Hospital started to initially implement different solutions to help produce very basic information about the infected machines, however they lacked full visibility into the source of the infection.  Meaning that they could see the malicious sites being accessed but only trace the infection only till the proxy server, IP address, or their DNS server.

 “First we just pointed our external DNS requests to Cisco Umbrella’s global network, which netted enough information to prompt an instant ‘Wow, we have to have this!’ response,” Duong says. “When our Umbrella trial began, we saw an immediate return, which I was able to document using Umbrella reporting and share with executive stakeholders. Those numbers, which ultimately led to executive buy-in, spoke volumes about the instant effect Umbrella had on our network.”

After they did an initial test of pointing their external DNS requests through the Cisco Umbrella global network, it provided enough information for them to immediately start a trial with Umbrella.  After beginning their trial, they were able to see immediate returns, which were then documented through Umbrella’s reporting and shared to their executive stakeholders.  This eventually led to an executive buy-in for Umbrella.

The result: Bolstered security and unprecedented insight

For University of Kansas Hospital, Deploying Umbrella was fast while also giving them an immediate time-to-value experience.  In just one hour of Umbrella going live, they saw a huge increase in visibility, protection, and blocked malicious traffic.  From their usual 100,000 hits against the network (20 to 30 percent of which were ransomware), they were able drop the number down to nearly zero with Umbrella.

Once they enabled AD integration as well to their Umbrella (which took only an hour), they were able to move from struggling to find attacks to being able to correlate users with events and trace every clock of their online journey.  This also gave them ways on how to investigate and understand each threat that was hitting their network to help better understand user behavior to help better mitigate them as efficiently as they can.

Cisco Umbrella has dramatically improved the incident response of University of Kansas hospital for the better, one incident before Umbrella would have taken 2 days now has been lessened by at least 75% or even can be done in 30 minutes.



To learn more about Cisco products, you can visit our Cisco Product Page here or you may call us at 893-9515 and we would be happy to answer your inquiries!

Your Data at Large: Some of the Common Security Pitfalls

Your Data at Large: Some of the Common Security Pitfalls

With data mobility’s rise, you would expect that security of data would increase as well.  However, many of the controls to mitigate the risk of data exposure still rely on traditional protection.  Direct attacks, simple mistake, and even negligence are still major reasons as why data is lost.  Below are some of the most common examples of common security pitfalls:

  • Loss or destruction of endpoints
  • Using consumer-grade collaboration and file sharing tools
  • Transferring files over insecure media including USB drives
  • Emailing sensitive information to personal email accounts
  • Social engineering (i.e. phishing) – the human factor and malware

These days, we use new IT services built on multiple cloud infrastructures to work in conjunction with the legacy and custom applications (business critical apps) built on-prem, this results in business data sprawled across multiple devices and locations.  This makes the traditional enterprise perimeter almost completely eroded.  The industry’s response has been to solve each gap in security with slew of security products, which each have their own unique policies, capabilities and limitations.  This creates even more complexity in the already complex problem which can do ultimately do more damage than help.

In the global study from Citrix and The Ponemon Institute, they  discovered that:

  • 64 percent of respondents say their organization has no way to effectively reduce the inherent risk of unmanaged data (e.g. downloaded onto USB drives, shared with third parties, or files * with no expiration date)
  • 79 percent of respondents are worried about security breaches involving high-value information
  • 52 percent of respondents do not feel that their security infrastructure facilitates compliance and regulatory enforcement with a centralized approach to controlling, monitoring and reporting of data

That requires a purpose-built architecture, one that is designed and hardened for security from the ground up. Integral to this architecture is the inherent security Citrix provides by:

The solution to the problem?  Control must be given back to IT while delivering security to the business without affecting the users experience.  This type of architecture is inherent in the security Citrix provides by:

  • Centralizing and keeping data off endpoints
  • Containerizing and encrypting data on mobile devices
  • Controlling access to data contextually
  • Using file level access and control (DLP and IRM) for data in motion
  • Partnering with industry leaders to protect data

At the end of the day, people need and want to work efficiently, if we make data sharing onerous it would create more problems rather than help solve them.

To learn more about Citrix products, please visit our product page or call us directly at 893-9515.

CT Link Systems, Inc. joins Security TRENDs 2017!

CT Link Systems, Inc. joins Security TRENDs 2017!

Enterprises and organizations are facing next-tier, multifaceted threats that are both familiar and uncharted. As the cloud and the Internet of Things (IoT) ecosystem become more interconnected, it is essential for organizations tore-evaluate and redefine their understanding of threats, risks, and solutions in an ever-changing landscape.

With that, organizations and enterprises must ask: what threats should they prepare for? What risks are involved? What processes and procedures should be implemented?

In the face of next-tier threats, businesses must step up their game and LEVEL UP their defence against these threats.

In lieu of this, CT Link Systems, Inc. has joined Trend Micro’s Security TRENDs 2017 Executive Threat Defence Summit as an exhibitor to help educate businesses in the Philippines on the importance of Cyber Security.

To learn more or register to the event, please visit the site Here!