Saint Catherine’s Hospice

Ensuring protection from evolving security threats

Saint Catherine's Hospice

Saint Catherine’s Hospice is a Scarborough-based hospice that provides care throughout 1,600 square miles of North and East Yorkshire. Their services are provided both in the hospice and out in the community, ensuring residents receive the highest level of care possible.

Given the highly sensitive nature of its patients’ data, combined with operating in the highly regulated care sector, security is of high importance to Saint Catherine’s Hospice.

With only a small IT team, consisting of just three people, and having worked with Phoenix for a number of years on its Microsoft licensing and managed IT support, the hospice turned to Phoenix for advice on how best to improve the hospice’s security posture.

The solution

While the hospice already had an endpoint security solution in place, the small IT team simply didn’t have the resources to monitor and act on the significant volume of alerts it was generating. The team was unable to filter through the noise and determine which alerts needed actioning or not, which prevented the team from progressing important projects and increased the risk of missing important alerts, exposing the hospice to the risks of a devastating cyber attack.

The hospice adopted our Phoenix Protect – Active Response managed service, which proactively identifies and actions threats on the hospice’s behalf. The service is powered by Microsoft’s Sentinel Security Information and Event Management (SIEM) tool which detects, analyses, and responds to security threats before they cause harm. SIEM is the next generation security tool combining Security Information Management (SIM) and Security Event Management (SEM) into one security management system, giving organisations visibility into activity within its network so they can swiftly respond to cyber attacks.

Utilising this managed service, the hospice benefited from access to Phoenix’s Security Operations Centre (SOC) team – a group of security analysts who act as a form of triage for the hospice. Aiding in filtering through the alerts generated by the SIEM tool enables Saint Catherine’s Hospice to identify security threats and provide a more targeted response to attacks.

“Security became a much bigger priority for us in the last few years with the anticipation of the number of threat vectors increasing. While we already had an endpoint security solution in place, it required a lot of intervention and time to handle the volume of alerts it generated. With the Phoenix Sentinel Essentials managed service, we not only upgraded our overall security posture with a sophisticated SIEM tool and all the benefits that brings, but also gained the peace of mind that Phoenix’s security specialists are proactively managing our security posture to ensure the highest levels of security.”

Rob Webb, IT and Facilities Manager, Saint Catherine’s Hospice

Outcome

Utilising Phoenix’s services has given the hospice the protection they needed from evolving threats, unlocking several benefits:

Significantly reduced threat landscape:

by combining a top-of-the-line SIEM tool and the expert advice of a Security Operations Centre (SOC), Saint Catherine’s Hospice benefits from the peace of mind of a proactive cyber security posture

Reduced in-house monitoring workload:

with the SOC experts on hand to triage the alerts from the Sentinel SIEM tool, team members are able to get on with their day jobs without having to worry about security

Proxy blocking and category filtering:

the Sentinel SIEM tool enables the Phoenix SOC team to monitor specific websites and website categories in order to protect the hospice’s IT infrastructure and vulnerable users

Improved processes and monitoring of recruitment:

Phoenix helped to improve the hospice’s existing processes for new joiners, while those leaving or moving could be actively monitored to ensure that hospice and patient data is not compromised

Ongoing security consultation:

in addition to our management of the Sentinel platform, Phoenix’s security analysts provide ongoing consultancy to the hospice. Through this it was able to identify and rectify several process improvements to bolster the hospice’s security posture

Simpler procurement and management with one primary software vendor:

as a heavy Microsoft user already, it was easy for Saint Catherine’s Hospice to incorporate Microsoft’s Sentinel platform as its primary security solution, enabling them to benefit from simpler procurement

“As a hospice we are regulated and inspected by the Care Quality Commission, the independent regulator of health and social care in England, which includes provisions for the protection of our patient’s data. While it is not currently a mandatory requirement to have something as sophisticated as a SOC in place, it could happen in the future, and we want to be in the strongest position possible. The Phoenix Protect – Active Response managed service is a strong form of security for us, providing a level of security far beyond anything you would typically expect for an organisation of our size.”

Rob Webb, IT and Facilities Manager, Saint Catherine’s Hospice

Future plans

With Phoenix already providing Saint Catherine’s Hospice with its third line service desk support with the Reactive Support managed service, and now security as a service through Sentinel Essentials, the relationship between Saint Catherine’s Hospice and Phoenix has grown over the years.

Looking ahead, the hospice is considering expanding the managed service to incorporate Patching Support to ensure their estate remains patched to the latest versions. They are also considering extending its support service beyond office hours to 24/ 7 monitoring.

Get started with Phoenix Protect today

Arrange a free call with our Managed Security Specialists today to discuss how Phoenix Protect can better improve your cyber security posture.

Alternatively, email us at [email protected] or call 01904 562200 and one of our specialists will be in touch to discuss your requirements.