Protecting Residents’ Personal and Health Information
Bethesda Health Group (BethesdaHealth.org) is the premier provider of senior care and services in St. Louis. It operates 14 independent living, assisted living, and skilled nursing and memory communities in the St. Louis area. While it seeks to maintain an optimal security posture to minimize risk to sensitive data of both the organization and its residents, Bethesda is also required to comply with the Health Insurance Portability and Accountability Act (HIPAA) and must ensure that appropriate processes are in place to maintain compliance.
With more than 1000 employees, Bethesda’s IT infrastructure includes more than 700 workstations and laptops, 100+ servers, 100+ routers and switches, and 1500+ Active Directory (AD) accounts for users located in all 14 physical locations. Overseeing the network and the organization’s many SaaS applications provided quite a security challenge for the company’s small IT team, as it didn’t have a dedicated security engineer on staff. Instead, that responsibility was spread among several staff members who had no formal security training, nor did they have the necessary tools in place to allow them to efficiently monitor the environment and take timely action on the security alerts. This proved to be a very inefficient and labor-intensive process. The volume of alerts in an organization of Bethesda’s size can be overwhelming, so identifying all the incidents that required immediate action was a daunting task for this team. Management recognized they needed to identify a solution quickly.
Protecting sensitive patient data required for HIPAA compliance was also a key challenge for Bethesda. The organization needed reporting to demonstrate compliance with HIPAA HITECH mandates for electronic protected healthcare information. Bethesda considered different options for monitoring and responding to security events. Rather than building their own security operations center (SOC) on premises, however, the Bethesda IT team selected Arctic Wolf’s SOC-as-a-service.
Deployment was simple, straightforward and completed in minutes. The Arctic Wolf sensor arrived preconfigured and was ready to plug into the network to collect logs and network flow data. Bethesda's IT team worked with Arctic Wolf’s Concierge Security™ team to customize the service to its exact operational and security requirements.
“Arctic Wolf’s turnkey SOC-as-a-service provides us with advanced threat detection and response capabilities at a fraction of what it would cost to do it ourselves. Arctic Wolf's Concierge Security™ model works perfectly for our IT team, which previously had no dedicated security resources.”
Joshua Sharp, Director of Information Technology, Bethesda Health Group
Outstanding Results Across the Board
Bethesda saw some immediate benefits from the service. The IT team quickly discovered:
- Users were visiting a known malicious site
- Endpoints sending out traffic that appeared abnormal
- A phishing attack that compromised corporate Dropbox credentials
Prior to Arctic Wolf deployment, the team couldn’t investigate these potential indicators of compromise. Each of these threats was detected and researched by the Concierge Security team, which presented Bethesda’s IT team with a clear action plan on how to reduce or eliminate the risk.
Today, Arctic Wolf's SOC-as-a-service provides the highest level of security, identifying potential threats while avoiding the noise of false positive alerts.
Just as important, Arctic Wolf helped Bethesda reach its HIPAA compliance goals by adapting to Bethesda’s changing environment. Generating reports for senior management and compliance was simplified using Arctic Wolf's standard and custom reporting. Weekly external assessments on the public-facing infrastructure provide Bethesda with vulnerabilities that need to be addressed. And regularly scheduled security posture reports provide senior management the confidence that the organization always has vigilant cybersecurity.
Arctic Wolf has delivered Bethesda advanced security at far less cost than if it had built a security operations center in-house. Around-the-clock SOC staffing would require eight to 12 security engineers alone. In fact, the cost of the service is estimated to be a small fraction of the cost of deploying and managing a SOC internally.