Trust recovers costs with security system transplant

12 February 2018

East Sussex Healthcare NHS Trust (ESHNT) serves a community of around 525,000 people, employs more than 6,000 staff, and has an annual turnover of £365m.

In common with many healthcare providers, it has seen increasing use of software-based administrative and clinical systems. These have increased the demand for more flexible and secure access technologies that improve productivity while protecting sensitive medical data.

Furthermore, with a growing number of devices and requirements for greater remote connectivity, many NHS trusts are looking at ways to streamline secure access while making cost and efficiency savings.

ESHNT’s legacy secure access solution used physical tokens along with an incumbent managed service provider. But the use of two factor authentication tokens was both expensive in terms of hardware and licensing costs as well as more complex to manage when dealing with on-boarding new staff and updating settings in the event of tokens being damaged, lost or stolen.

Following an assessment, the trust realised that an upgrade would allow it to make considerable savings in ongoing charges. Additionally, self-service tools for user on-boarding and maintenance would provide further savings in terms of management time without compromising security.

The IT department began evaluating a number of options and approached Pulse Secure, the vendor of its preferred VPN solution. It recommended a number of partners with suitable skills and experience including ANSecurity which was eventually chosen to develop the new secure access solution. 

The project included upgrading ESHNT’s VPN infrastructure to Pulse Secure’s Connect Secure 5000 series appliances. These are run in an active/active high availability implementation to cope with a larger number of users accessing services via a wider range of devices.

The upgrade also included several secure self-service tools to simplify access for guests along with easier moves, adds and changes for existing users. The new solution uses active scanning prior to connection to the network to ensure that devices have the correct updates and patches before they are given access to sensitive applications.

In terms of upgrading its two factor authentication system, ESHNT selected a solution from Swivel based on a balance between flexibility and cost. It includes options to use a smartphone based app to reduce overheads associated with handling physical two factor authentication tokens.