ITHealth were already in discussions with BCHC about support for its Sophos solutions and migration to Sophos Central, and so proposed its Assurance Dashboard Solution. The Trust were impressed by the Dashboard’s ability to provide a consolidated and dynamic risk-based view of different aspects of its network and so agreed to undertake a proof of concept.
Prior to the Dashboard, with its myriad of SAM’s (software asset management systems) and monitoring tools, the Trust’s IT team believed it was fully compliant on most things. For example, they believed they had eradicated all Windows XP machines and had no Server 2003 instances on their network (their clientbased installed Software Asset Management application had told them this, so why would they doubt it). The ITHealth Assurance Dashboard proved otherwise. After an agentless scan of the network, one of the Dashboard’s many reports identified an XP device. “We couldn’t believe it”, said Gary Mullinder, IT System Administrator. “We naturally thought it was incorrect.”
Fortunately, as almost all of the data within the Dashboard is drillable, the Trust was able to pin down the rogue device as the Dashboard had provided the specific network switch, make, model and serial number – even what LCD monitor it plugged into. It was the classic scenario of a part-time employee using a machine for her part-time hours and then dutifully putting it away in a cupboard afterwards. Needless to say, the Trust resolved the issue immediately. “This particular machine didn’t have the SAM client software installed, nor did it have Sophos AV and it was running on XP! I am pleased to say that it is the only one we encountered, but at the stage of our process maturity without the Dashboard we wouldn’t have seen it for a long time”, said Gary.
The Trust was also impressed by the Dashboard’s ability to automate the management of NHS Digital CareCERTs. “The Assurance Dashboard’s CareCERT automation has pretty much eradicated several hours of manual work per week”, continued Gary. “The Dashboard scans the network following new CareCERT detail and highlights affected devices so we know exactly where to target remediation.”