CheckPoint Software Case Studies U.S. Public Health Services Provider Enhances Network Security with Check Point SandBlast

Edit This Case Study Record

	U.S. Public Health Services Provider Enhances Network Security with Check Point SandBlast CheckPoint Software

U.S. Public Health Services Provider Enhances Network Security with Check Point SandBlast

CheckPoint Software

Technology Category	Cybersecurity & Privacy - Malware Protection Infrastructure as a Service (IaaS) - Public Cloud
Applicable Industries	Healthcare & Hospitals National Security & Defense
Applicable Functions	Quality Assurance
Use Cases	Search & Rescue Tamper Detection
Services	Cybersecurity Services Testing & Certification
Challenge	The U.S. Public Health Services Provider, a leading West Coast provider of emergency health services, was faced with the challenge of securing its patients’ highly sensitive data. With over two million patients and more than 90 locations, the organization was a prime target for malicious actors. The potential breach of information such as patients’ medical information, social security numbers, and personal addresses could lead to disastrous results including identity theft, insurance fraud, and data manipulation leading to mistreatment. Additionally, the organization had critical medical devices that required internet connectivity. Any compromise in connectivity due to an attack could result in serious repercussions to patients receiving emergency care, including delays in treatments, worsening of conditions, or even death. The organization needed a solution that would not just detect advanced threats to its network, but ultimately prevent them from coming in. Read More
About Customer	The customer in this case study is a leading West Coast provider of emergency health services in the United States. The organization treats over two million patients a year across more than 90 locations, including two major trauma and rehabilitation centers. The organization provides critical, life-saving services in emergency cases. Being a large-scale healthcare provider, the organization is responsible for securing its patients’ highly sensitive data, including medical information, social security numbers, and personal addresses. The organization also has important medical devices that require internet connectivity, making network security crucial. Read More
Solution	To safeguard its network, the health services provider opted for Check Point SandBlast with Zero-Day Protection. The organization utilized Check Point Firewall IPS, App Control, Anti-Bot, and Anti-Spam capabilities, as well as Threat Emulation and Threat Extraction technologies. Check Point’s unique CPU-level exploit detection capability enabled Threat Emulation to block malware designed to bypass regular sandboxing technologies, ensuring security against advanced threats such as WannaCry. With Check Point SandBlast, the organization was able to prevent numerous attacks through email and web, thanks to the Threat Emulation technologies. The Information Security team found that CPU-level evasion detection was highly effective in catching malware. The team also found Threat Extraction to be highly useful. The organization is now considering implementing the same capabilities on their endpoints using Check Point SandBlast Agent. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Malware Protection

Infrastructure as a Service (IaaS) - Public Cloud

Applicable Industries

Healthcare & Hospitals

National Security & Defense

Applicable Functions

Quality Assurance

Use Cases

Search & Rescue

Tamper Detection

Services

Cybersecurity Services

Testing & Certification

Challenge

The U.S. Public Health Services Provider, a leading West Coast provider of emergency health services, was faced with the challenge of securing its patients’ highly sensitive data. With over two million patients and more than 90 locations, the organization was a prime target for malicious actors. The potential breach of information such as patients’ medical information, social security numbers, and personal addresses could lead to disastrous results including identity theft, insurance fraud, and data manipulation leading to mistreatment. Additionally, the organization had critical medical devices that required internet connectivity. Any compromise in connectivity due to an attack could result in serious repercussions to patients receiving emergency care, including delays in treatments, worsening of conditions, or even death. The organization needed a solution that would not just detect advanced threats to its network, but ultimately prevent them from coming in.

About Customer

The customer in this case study is a leading West Coast provider of emergency health services in the United States. The organization treats over two million patients a year across more than 90 locations, including two major trauma and rehabilitation centers. The organization provides critical, life-saving services in emergency cases. Being a large-scale healthcare provider, the organization is responsible for securing its patients’ highly sensitive data, including medical information, social security numbers, and personal addresses. The organization also has important medical devices that require internet connectivity, making network security crucial.

Solution

To safeguard its network, the health services provider opted for Check Point SandBlast with Zero-Day Protection. The organization utilized Check Point Firewall IPS, App Control, Anti-Bot, and Anti-Spam capabilities, as well as Threat Emulation and Threat Extraction technologies. Check Point’s unique CPU-level exploit detection capability enabled Threat Emulation to block malware designed to bypass regular sandboxing technologies, ensuring security against advanced threats such as WannaCry. With Check Point SandBlast, the organization was able to prevent numerous attacks through email and web, thanks to the Threat Emulation technologies. The Information Security team found that CPU-level evasion detection was highly effective in catching malware. The team also found Threat Extraction to be highly useful. The organization is now considering implementing the same capabilities on their endpoints using Check Point SandBlast Agent.

Impact #1	The implementation of Check Point SandBlast with Zero-Day Protection has brought about significant operational benefits for the organization. Before SandBlast, the organization’s Information Security team would have to conduct a full forensics investigation into a threat, or wipe the box entirely and rebuild it, usually taking four to five hours. With SandBlast, the team has been able to prevent malware from ever getting onto the machine, significantly reducing time spent on remediation. The 'single-pane-of-glass' dashboard has allowed the team to see, manage, and upgrade everything in one place. The team has also appreciated the log in abilities of SmartEvent, which provides a clear overview of what’s going on in the network from the application layer as well as a threat layer. If malicious activity is detected, the team is quickly alerted to it and the threat is blocked. This has enabled the team to know exactly what’s going on in the environment without expending more resources.

Impact #1

The implementation of Check Point SandBlast with Zero-Day Protection has brought about significant operational benefits for the organization. Before SandBlast, the organization’s Information Security team would have to conduct a full forensics investigation into a threat, or wipe the box entirely and rebuild it, usually taking four to five hours. With SandBlast, the team has been able to prevent malware from ever getting onto the machine, significantly reducing time spent on remediation. The 'single-pane-of-glass' dashboard has allowed the team to see, manage, and upgrade everything in one place. The team has also appreciated the log in abilities of SmartEvent, which provides a clear overview of what’s going on in the network from the application layer as well as a threat layer. If malicious activity is detected, the team is quickly alerted to it and the threat is blocked. This has enabled the team to know exactly what’s going on in the environment without expending more resources.

Benefit #1	Reduced time spent on remediation, from four to five hours to almost instant prevention of malware
Benefit #2	Instant visibility into threats and vulnerabilities previously unseen
Benefit #3	Prevented countless attacks through email and web

Benefit #1

Reduced time spent on remediation, from four to five hours to almost instant prevention of malware

Benefit #2

Instant visibility into threats and vulnerabilities previously unseen

Benefit #3

Prevented countless attacks through email and web

Download PDF Version

Overview

U.S. Public Health Services Provider Enhances Network Security with Check Point SandBlast

Operational Impact

Quantitative Benefit