Network visibility: How this state health agency went from blind to 20-20
Who has access to your network? Even if you’re a small company, you should know the answer.
But the new CIO at a state health agency didn’t. On paper, the organization had 17,000 employees in 400 locations and an IT infrastructure with 350 applications and 1,600 servers, but no one knew exactly who was accessing the network or what devices were connected.
Desperately needing to address these security concerns, as well as create a more streamlined approach to procurement and IT decision-making, this agency sought the expertise of a longtime partner – SHI.
Taking stock of endpoints
The CIO entered the picture with a mandate to innovate, but he quickly discovered there was other work to be done first. The organization would struggle to prioritize areas of improvement unless it understood what it had at the base level. If he tried to press on without understanding what was on the network, he’d experience one roadblock after another.
For example, the agency wanted to implement a BYOD policy, but that would be a struggle without any visibility into what was on the network. It wanted to change licensing models for certain software packages, but that would be tough without knowing what software was currently being used – and by who – compared to the seats it had bought.
Unfortunately, the organization had little more than snapshots of all its endpoints. What it needed was continuous monitoring, along with alerts and thresholds for different variables – in short, a tool to monitor what was coming and going on the network.
SHI recommended ForeScout, whose technology continuously assesses, remediates, and monitors devices the instant they connect to the network. As soon as the agency got up and running, ForeScout immediately raised red flags.
Discovering unknown gaps
ForeScout revealed that the overall device count on the network was roughly 25 percent higher than what it should have been based on the devices the agency had purchased and registered in its domain. What were those devices and who did they belong to?
Armed with these new insights, the security team was empowered to police devices on the network. The system administrator could look at what was connecting to the domain, how many were out of warranty, and make more informed IT decisions.
On the software front, the organization discovered a huge gap in its licensing posture across the board, with its seat count nearly 40 percent higher than what it thought it was.
With this realization, SHI acted as a conduit with the manufacturers the agency was underlicensed for, explaining to them that the new CIO had inherited this situation and wanted to make it right. With SHI’s strong partnerships and the manufacturer’s appreciation for the agency’s honesty, all parties worked together to outline a long-term plan to gradually add seats until the agency’s licensing matched its usage. The manufacturers understood that the agency couldn’t just cut a check for the gap, and SHI helped facilitate a deal that best served everyone involved.
Beyond the baseline
To get this agency back on firm footing, SHI didn’t just sell it the software, licenses, and hardware; it worked with TurnKey Cyber Solutions to build out and provide a complete managed services package.
With this package in place, the agency now has the manpower and expertise to take full advantage of the ForeScout solution, and gains visibility into its network as well as contextual data that could be used by different departments as they see fit.
Now the agency has the baseline it needed to pursue further IT projects, and because it adopted this three-year managed service, it can devote its full resources into the innovations it needs while still maintaining visibility into everything that’s happening on its network.
Stephen Forsythe and Joseph Mongiovi contributed to this post.