The National Services for Scotland (NSS) is a support mechanism for NHS Scotland and provides it with the infrastructure and services that the health service requires. These include shared digital, security, finance and HR services.
Protecting a valuable asset
With new services such as video consultations, appointment scheduling and the use of smart technology, digital services are becoming increasingly important in healthcare. It is essential to ensure the security of health data used by these services.
“Health data is probably Scotland’s most valuable asset”, says Deryck Mitchelson, Chief Information Security Officer, NHS Scotland.
Stored in the public cloud, NHS Scotland’s data volumes have increased tenfold over the last five years. As more medical information is placed in the public cloud to allow patient-facing digital services, securing that data is becoming ever more important. The organization needed a solution that would allow it to properly manage and protect this valuable asset.
As data and services continually expand, it also needed a solution that would easily hyperscale without the need to continually make manual configuration changes. With multiple systems running, it was crucial to ensure visibility into the information, who is accessing the information, where it is being shared and what is being done with it.
Furthermore, back in 2018, NHS Scotland was affected by the devastating WannaCry ransomware attack. While it didn’t have a massive impact, it did affect patient-facing services including operations and GP visits that were cancelled and some patient data became inaccessible. The organization needed a solution that could provide complete threat prevention against similar cyberattacks.
Guardian of sensitive medical data
As part of its migration of health data and services to the public cloud, NHS Scotland implemented CloudGuard IaaS, Check Point’s advanced cloud security solution. The solution provides the same advanced threat prevention and data security as the organization’s on-premises deployment, through the same familiar interface.
NHS Scotland implemented a version of Check Point’s cloud security blueprint and uses CloudGuard IaaS in a “hub and spoke” model, with endpoint protection pushing data back and forward via central hubs to all the many health boards (“spokes”) which are protected by the system. This allows improved visibility and the right level of segmentation within their public cloud deployment.
Check Point Maestro delivers the hyperscale features that the organization required, enabling it to seamlessly expand existing security gateways to hyperscale capacity on demand. Maestro provides NHS Scotland with the ability to grow their security as the data and services expand.
Check Point SandBlast Zero-Day Protection is also used by the organization to stop unknown malware, zero-day and targeted attacks from infiltrating the networks. Based on new CPU-level exploit detection technology, it detects threats earlier, before malware has an opportunity to deploy evasion code.
“We’re using SandBlast because it delivers a lot more visible, real time information which is exactly what we need,” says Derek Mitchelson, CIO of NHS Scotland.
Secured data with increased visibility
As a risk-averse organization, a principal benefit for NHS Scotland is having the confidence that, although its data is stored in the public cloud, it remains absolutely secure.
“We’ve got much more visibility than we had before we implemented the Check Point solutions,” says Mitchelson. “We can really understand where the data is and who is getting access to what.”
Check Point Maestro enables the organization to maintain a highly efficient deployment by easily scaling up and scaling down when new services are added or others are not in use.
Mitchelson adds, “To protect Scotland’s health data we need to ensure the data is secure at every point of entry. Having next-generation firewalls that are scalable and give us that protection is exactly what we need built on top of the public cloud.”
NHS Scotland uses a Security information and event management (SIEM) solution. “One of the things I liked with Check Point is its integration with the SIEM vendor we’re working with”, says Mitchelson. “That means that we don’t have to go and actually start writing and creating configurations, it just links in and just automatically starts to work.”
The organisation works closely with the UK’s Information Commissioner Office. CloudGuard IaaS provides Data Loss Protection, enabling the organization to provide this valuable information efficiently and support compliance with the General Data Protection Regulation (GDPR).
With the Check Point solutions, NHS Scotland’s health data is now safe from healthcare cyber-attacks. “If we’d had technologies in place such as what we put in place now with Check Point, we would have totally avoided what happened with WannaCry”, says Mitchelson. “I would recommend Check Point to other customers; the implementation has been extremely well done and absolutely gives us the protection we need for healthcare data.”
To support plans for a CI/CD style of deployment pipeline, the organization also plans to bring in Check Point CloudGuard Dome9. This will enable NHS Scotland to check that all templates are compliant before they are deployed to the cloud.