February 16, 2022
How a Hybrid Approach Helped a Hospital System Leverage Existing Investments and Secure Cloud-Based Tools
Digital transformation has forever changed the way healthcare organizations deliver care. By pivoting to cloud-based platforms, health systems can liberate data from silos and connect it in ways that enable them to gain insights, take action and collaborate across a patient’s care journey.
But adopting cloud technologies is not a one-and-done process. When one leading hospital system decided to move their terabytes of private health information (PHI) data from an on-premises solution to the cloud storage solution Box, they realized that they couldn’t simply start over in the cloud. Completely replacing existing technology would require a huge reserve of capital, so instead, they chose to adopt a hybrid model that bridged the gap between their legacy systems and the cloud.
This is how Lookout helped the hospital system migrate to the cloud while keeping their on-premises legacy investments secure.
Modernizing doesn't mean starting over
As the hospital system began their digital transformation by migrating to Box cloud storage, they were faced with a difficult decision regarding their current on-premises investments. They had invested significant time and effort in a legacy data loss prevention (DLP) hardware solution from Forcepoint that was designed to secure PHI with Health Insurance Portability and Accountability Act (HIPAA) regulations in mind. The DLP solution resided inside their network perimeter, and the hospital had customized and configured its rules and policies, testing them for accuracy and effectiveness and refining them further to eliminate noise and false positives. With years of validation, the customer was confident in its ability to keep sensitive data safe.
Unfortunately, when data was moved to the cloud, this legacy DLP hardware could no longer access it. It became clear to the IT and security teams that they needed to modernize their DLP capabilities without throwing away years of work they had put into their existing appliance. They needed a solution that could integrate with their existing Forcepoint DLP engine and use the proven controls as actionable signals to mitigate data loss incidents in the cloud. That’s when Lookout Secure Cloud Access with native DLP was introduced.
The Lookout cloud-native DLP solution integrates directly with Box cloud storage through APIs, enabling it to scan and classify cloud data during creation, upload and collaboration. When the cloud DLP detector discovers a policy violation, the data in question is transferred from the cloud to their on-premises DLP solution where further policy checks can be applied and remedial action taken.
“Integration with our on-premises DLP environment and its support applications was a big factor in our decision to move forward with Lookout,” the hospital’s IT security manager said. “We needed something to take charge of our cloud storage platform that provided visibility into what data users were accessing, how they accessed it and with whom they shared it.”
Encryption: the first step in ensuring HIPAA compliance
In a world of electronic data transfers and mobile devices, there are dozens of ways that security can break down and lead to HIPAA non-compliance. All of them point back to the need for a strong HIPAA-compliant implementation that incorporates encryption. In fact, HIPAA requires encryption of PHI when the data is at rest, meaning the data is stored in locations like a local disk or USB drive.
To accommodate this requirement, the hospital is planning to leverage Lookout’s native enterprise digital rights management (EDRM) capabilities for file encryption and access policy enforcement. When DLP identifies sensitive data being deliberately moved from inside the hospital to outside of its perimeter, Lookout encrypts the file to ensure data remains protected and HIPAA compliance is maintained.
EDRM enables users to collaborate and share data across both internal and external boundaries while protecting it from unauthorized access, use, and distribution.
Bridging the gap with a unified platform
The conventional data center continues to evolve as new cloud services are introduced alongside legacy technologies to meet today’s business demands. While some IT managers might be inclined to tear it all down and build anew, that is generally not a practical option. Instead, modernizing a data center involves creating a hybrid environment where the old and new each play a role in delivering modern services.
The Lookout Cloud Security Platform with native DLP plays an important role in extending the life of legacy DLP solutions by extending their reach into the cloud. As organizations undergo cloud transformation, Lookout bridges the gap between these legacy systems and new cloud solutions.
How Lookout helps organizations integrate their existing investments with newly acquired cloud solutions.