Multi-vendor solution combined with shared responsibility strengthens security, simplifies management and reduces licensing costs as demand for BYOD grows.
ANSecurity has given details of a successful project with United Lincolnshire Hospitals NHS Trust (ULHT) that has improved secure access, reduced management overheads and enabled cost effective managed service delivery for local healthcare organisations.
Spread across three primary sites with over 7,800 supported staff, United Lincolnshire Hospitals NHS Trust has undergone a BYOD transition over the last few years allowing more staff to gain secure access to IT services in an effort to improve operational efficiency.
“We have several security systems in place such as our virtual private network (VPN) and two-factor-authentication (2FA) but with over the last few years with a growing requirements to provide IT access to increasingly mobile users, we recognised that to meet demand a technology refresh would be needed but without a massive budget increase,” explains Jon Hill, Senior Network Engineer at ULH, “We approached ANSecurity to provide recommendations and to assist us with creating a flexible design model for enhanced secure remote access to accommodate more users and potentially more NHS sites.”
ULH and ANSecurity began a multi-phase project to redesign parts of its core network and security infrastructure to better meet the challenge. ANSecurity’s “co-driver” approach means that through the solution design phase and on-going management process, both groups agree to take responsibility for different aspects such as failover testing, configuration management, bespoke training and supporting ULH in meeting its compliance requirements.
The first phase included upgrading existing Juniper MAG VPN hardware to new Pulse Secure ‘Connect Secure’ appliances to cope with a larger number of BYOD users accessing services using a wider range of devices. This upgrade included a solution redesign that moved secure access to an active/active implementation across multiple sites to increase resiliency and scale-out capacity to meet demand. The project included the use of a license server within a virtual appliance to enable ULH to select additional licenses as either Network Access Control (NAC) or Secure Socket Layer (SSL) connections to ensure future flexibility. The next stage upgraded its existing two factor authentication solution to use a smartphone based App that further reduced management overheads associated with handling physical two factor authentication tokens.
ULH further strengthens its access controls, security and visibility across its guest network by deploying a Next Generation Threat Protection solution. This runs alongside centralised management, logging and reporting systems from SolarWinds to help track configuration changes and ensure ULH meet its commitment to the ISO 2001 Quality Management System standard.
“What we have now is a process where the IT team at ULH handles the core infrastructure and when needed we can call on the deep expertise of ANSecurity to help ensure overall service delivery,” explains Jon. The reduction in administrative tasks associated with managing the security infrastructure along with an easier to use and more robust secure access capability offers a much bigger ongoing benefit for our organisation.”
Based on the success of the project, ULH is planning to provide elements of its secure access capability to several local healthcare organisations as a managed service.
“ANSecurity has been critical in delivering a successful project through its technical skill and understanding of a wide range of different vendor solutions,” says Jon, “The infrastructure we now have in place is better able to serve our own secure remote access needs and to deliver shared services to other healthcare organisations in a much more cost effective manner.”