Suite deal as St Vincent’s cures security headache

25 May 2006

St Vincent’s Healthcare Group has deployed a unified IT security system across more than 1,700 PCs. The system provides email, web and network scanning for spam, viruses, spyware and illicit material.

The Dublin-based IT network specialist TechNiche installed the system, which is based around the Enterprise Protection Suite from the security software provider SurfControl. The value of the contract was not disclosed.

St Vincent’s Healthcare Group consists of St Vincent’s University Hospital, St Vincent’s Private Hospital and St Michael’s Hospital. All told, it comprises more than 3,000 users across medical and administration staff who use internet and email for information management and communication. The security tools now installed include web filtering, email filtering, Image Agent and anti-spyware. It also protects other points of vulnerability including peer-to-peer and instant messaging.

According to deputy director of IT Neal Mullen there were four key security issues that had emerged before installing the solution. The organisation was receiving 350,000 emails per month with a consequent increase in spam and viruses. It needed a system to stop medical spam email while letting through legitimate medical email. Moreover, staff found that searching for medical information often returned pornographic content. In addition, spyware had begun to have an impact on the continuity of data networking services, degrading network speed.

Now, the ICT department can use the SurfControl suite to set rules on what can and cannot be accessed online. “A blanket block on web access is not feasible in a hospital environment as staff need to be able to search for specific medical sites,” Mullen pointed out. “Using SurfControl’s Virtual Learning Agent has significantly lowered the administration required to manually block dubious sites and permitting access to legitimate ones.”

Gareth Madden, sales director with TechNiche, added that non-IT staff could not be expected to analyse whether a given email contains malicious code or not nor was it reasonable to expect IT staff to devote all their time to dealing with security issues. “Healthcare providers’ focus needs to be on patient care not complying with security or privacy regulations,” he said.

By Gordon Smith