County Durham and Darlington NHS Foundation Trust

Increasing network visibility to better detect, diagnose, resolve and report on cyber risks

Overview

Visibility is the best defence against today’s cyber threats, to highlight as early as possible any issues that could represent compromise. County Durham and Darlington NHS Foundation Trust knew that it lacked visibility of its network and to be fully secure it needed greater transparency of what was happening across its IT estate. Here we learn how the Trust worked with ITHealth to gain an accessible, dynamic network view to better detect, diagnose and remediate risks, whilst also streamlining and enhancing security processes.

County Durham and Darlington NHS Foundation Trust is one of the largest integrated care providers in England, serving a population of around 650,000. With a 7,000 strong workforce, it provides hospital services from two acute sites – Darlington Memorial Hospital and University Hospital of North Durham. It has a centre for planned care in Bishop Auckland, and provides community services from 5 community hospitals, over 80 other community-based settings and within patients’ homes.

Challenge

Although County Durham and Darlington NHS Foundation Trust (CDDFT) had solutions in place to capture the various deployments and assets across its IT estate, to get a ‘complete’ picture of its network it needed to manually collate the disparate information. The Trust knew that reliance on such a process only gave the illusion of control and left opportunity for error and potential blind spots. The Trust wanted a clearer and deeper insight of its network and IT assets to more proactively manage risk and remediate vulnerabilities. It also wanted to see if it could reduce the amount of time and resource that was being spent managing NHS Digital Cyber Alerts (formerly NHS Digital CareCERT bulletins) and ensuring compliance to the Data Security and Protection Toolkit (DSP Toolkit).

Solution

CDDFT explained its challenges to ITHealth who had successfully worked with the Trust to simplify secure remote access for its mobile clinicians. Having recently developed an Assurance Dashboard Solution which was addressing the very issue of NHS network visibility, ITHealth proposed a demonstration. The Trust quickly saw that not only does the solution expose all network hardware and software information in an intuitive dashboard interface, it also allows the collated information to be viewable in a dynamic risk-based context. ITHealth explained the customised reports pertinent to NHS security setups, and how vulnerabilities and non-compliant areas within the infrastructure are flagged making it easier to know where to focus remediation. The Trust could see the value in the solution and so initiated a proof of concept (POC) to prove the Dashboard’s benefits locally.

During POC, the Trust was amazed at the level of information retrieved by the Dashboard, as well as how it automated much of the NHS Digital Cyber Alert process.

“We were impressed with the speed in which the Dashboard allowed us to view and report on our exposure to the high severity DejaBlue alert, and more recently SMBleed. Previously, it took specialist knowledge using 3rd party tools to generate scripts that would interrogate the network and identify the same information; this was time-consuming and relied on having the correct skill sets available to perform the task. The ITHealth Assurance Dashboard Solution automates the whole process for us”, said Tony McGivern, ICT Infrastructure Manager.

The Dashboard also greatly assisted the Trust with the Windows 10 deployment:

“The ITHealth Dashboard has significantly increased our CMDB capabilities and been instrumental in assisting with the Windows 10 upgrade”, said Craig Robinson, Head of ICT. “To explain, it came to light that dual screen monitors weren’t compatible on certain older hardware running Windows 10. Our traditional CMDB identified that there were over 300 machines affected by this issue. By creating some reports within the Dashboard to determine where dual monitors were actually in use, we discovered that the scale of the problem was significantly lower than initially expected.”

Results

The Trust are now a happy ITHealth Dashboard customer and the Dashboard is being used across throughout the Trust’s IT department to:

  • Rapidly review and remediate associated network risk to NHS Digital Cyber Alerts
  • Identify software installed on machines prior to failure
  • Search for unapproved and out of date software
  • Pinpoint and proactively monitor failing hardware, e.g. disk space, predicted HDD fail
  • Monitor Windows Updates trends, and machines/servers missing patches
  • Highlight network devices in use and associated users
  • Survey the software installed on machines to plan for Windows 10 upgrades
  • Review new software and endpoints as they enter the network

Benefits realised by the Trust include:

  • One place to go for a multitude of reliable, near real-time network information
  • Cost and resource savings through streamlined processes and negation of individual products to achieve similar results
  • Proactive network monitoring – ability to tackle issues before they become a problem
  • A smarter way to manage NHS Digital Cyber Alerts
  • Swifter DSP toolkit submissions – the Dashboard solution directly meets or supports 81% of the DSPT’s cyber-related mandatory requirements.

“The service from ITHealth has been excellent; from POC set-up right through to live implementation, the team have been extremely helpful.”
TONY MCGIVERN, ICT Infrastructure Manager County Durham and Darlington NHS Foundation Trust

Related case studies

Salford Royal NHS Foundation Trust (part of the Northern Care Alliance NHS Group)

Improving digital compliance efficiency and staying confidently assured through a unified network view

View

Nottinghamshire Health Informatics Service

Finding the ideal IT compliance and assurance solution, plus so much more

View