On the horizon
As for the future, Pinch says his team will continue to develop policies to help automate the management and mitigation of devices on the Rochester network. “We have started to use the tool to automatically identify broken SCCM [System Center Configuration Manager] and Sophos clients and then perform automated repairs of these clients with custom scripts we have built,” he says. “We've had three full-time interns doing nothing but this for years, and we can now repurpose them.”
Pinch says he is even more excited about an integration with Bromium, a product for sandboxing zero-day attacks and APTs. “While we could put the Bromium client on every computer, we are instead going to put it on our users that are most often compromised.” From there, he says, his team can use ForeScout to get the intel on every identified piece of malware found by Bromium, and ForeScout can then check every other machine on the network for the same running processes, allowing his team to gain exponential benefits from the facility's other toolsets.
Further, one of the primary challenges in the health care industry is to inventory network devices. Medical devices often have a small footprint on the network or should not be interfered with because of their proprietary nature and importance to the medical staff. “Over the last few years, an ever-increasing number of mobile devices has become a standard part of the health care environment, and each day we have to deal with a diverse array of users and devices – including tablets, PCs, laptops, phones, wireless medical devices and network infrastructure – which are constantly changing,” says Pinch. “Physicians want to use the technologies to which they are accustomed, while IT has to account for personal device use as well as network access for both staff and guests.”
Rochester also has visiting doctors and community doctors handling patients' personal medical information, and this adds another complicated layer to implementing a secure BYOD policy, as these visiting employees often use their own technologies to access sensitive data on the networks. With its new implementation, these concerns are a thing of the past, says Pinch.