Dr Sulaiman Al Habib Medical Group, Saudi Arabia Asia
Protecting Patient Data and Privacy for Dr Sulaiman Al Habib Medical Group
About Dr Sulaiman Al Habib Medical Group, HealthCare

Established in the year 1995, Dr Sulaiman Al Habib Medical Center in Riyadh, is considered the humble beginning and the foundation of Dr Sulaiman Al Habib Medical Group. It was established with the vision to provide the Quality Health Care Services utilizing World Class Technology and International Health Care Standards to ensure best possible outcome and achieve highest Patients Satisfaction.

Dr. Sulaiman Al Habib Medical Group aims on becoming the largest and fastest growing provider of healthcare excellence in the Middle East with state-of-the-art medical facilities and comprehensive medical services based on highest international standards in healthcare.

The network covered sensitive information which was under constant threat from spyware and DoS attacks. So they needed a strong Firewall solution.

Mr. Mumtaz Hassan Bakshi
System Administrator
Dr Sulaiman Al
Habib Medical Group

Below mentioned are the challenges faced by Dr Sulaiman Al Habib Medical Group related to its business activities:

Safeguarding the Network Periphery

Dr Sulaiman Al Habib Medical Group needed protection against unintentional leakage of electronic Protected Health Information (ePHI) due to inefficient business processes, intentional leakage of confidential information by disgruntled employees, hacking of an hospital‘s website, loss of confidential data while in transit, and more. The hospital, therefore, needed a gateway firewall to regulate user authentication and access control.

Spam Problem

Dr Sulaiman Al Habib Medical Group needed to control malware and spam on its network of patient care workstations and servers.

One of Mumtaz Hassan Bakshi first tasks as System Administrator was to address the hospital‘s spam problem. “It was the single most frustrating issue users were experiencing. About 85% of all email was spam,” says Mr. Bakshi. Mr. Bakshi couldn't afford to have their employees wasting time sorting through these unwanted emails. They also didn't want to risk the possibility of inadvertently filtering out legitimate messages. They needed a highly effective, highly accurate anti-spam software solution to their spam problem.

Content Control

Unmanaged Internet access presents many challenges and introduces unnecessary risk. When workers inadvertently or deliberately access sites containing inappropriate, illegal, or dangerous content, use instant messaging (IM) and peer-to-peer (P2P) applications, they expose themselves to legal liability, and experience degraded network performance. The authorities needed to know who was accessing what sites and as such needed an identity based filter and reporting system that would include the users‘ online behavioral audit. Fixing a content filtering solution can do away with these problems.

Continuous Network Uptime

Data is an important aspect of business and from this perspective; the business goal is to have continuous business connectivity. The combination of both the solutions was needed to protect the network. Continuous Internet connectivity with no breakdown or downtime was the most important requirement for Dr. Sulaiman Al Habib Medical Group. In this regard, their business goal was to achieve continuous network uptime.

Also, the hospital was looking for a solution which could bridge the geographical distance between the head office and the branches so that users could securely connect from any location and use the hospital‘s resources.

The Cyberoam Solution

In order to address their challenges, Dr. Sulaiman Al Habib Medical Group looked into a number of security products. However, after seeing a trial demo of Cyberoam, they took the decision of deploying the Cyberoam appliance - two (2) CR500i at the head office in Olaya and one (1) CR200i at the branch office in Qassim. All the appliances are deployed in gateway mode.

Identity based Security

Cyberoam UTM comes with a unique identity-based security solution which protects against insider threats by giving complete visibility into “Who is doing What” in the network and allows creation of user identity-based policies. Mr. Bakshi used Cyberoam‘s Active Directory (AD) facility to achieve the task of integrating Dr. Sulaiman Al Habib Medical Group‘s users in the network through a wizard to import users.

Moreover, the automated single-sign-on (SSO) feature of Cyberoam allows transparent authentication of the end users as soon as they boot their machines.

Firewall Protection

Many healthcare practitioners are today associated with multiple hospitals and they require access to critical patient data from anywhere, anytime. Hundreds of administrative employees in a Dr. Sulaiman Al Habib Medical Group may need fast and error-free access to patient information like patient records, bed allocation and dispensing of medicines to deliver their services efficiently. This exposes a healthcare enterprise network to multiple threat entry points and considerable data management costs. As such, Dr. Sulaiman Al Habib Medical Group need to deploy efficient security measures to control network risks and vulnerabilities.

Dr. Sulaiman Al Habib Medical Group operates Cyberoam‘s ICSA and Checkmark Certified Perimeter Firewall between the Internet and the Dr. Sulaiman Al Habib Medical Group‘s network to establish a secure environment for the hospital‘s computer and network resources.

Gateway Level Anti-Spam

Check Mark certified anti-spam solution ensures that not a single mail made it to the internal inboxes. The spam is neutralized at the gateway. Perhaps most importantly, Mr. Bakshi is impressed with the accuracy of spam filtering solution. "We didn't have any false positives, and no junk e-mails slipped through the network. We're extremely satisfied” says Mr. Bakshi. Continuous spam protection was installed and had instantaneous effect.

Also, the intelligent anti-spam solution required almost no human intervention to put it on war footing. Signature-less Virus Outbreak Detection technology protects the hospital against any mail-based Zero-Day attack, hours before traditional signature-dependent solutions.

Safe, Productive Surfing Unleashed

Cyberoam UTM‘s web content filtering feature controls Internet access in the entire hospital by blocking inappropriate and unsafe Web content, including phishing and other malware-laden sites. This is done through a constantly updated database of millions of sites divided into 82+ categories including pornography, P2P, entertainment and job search. Moreover, Cyberoam‘s identity-based filtering allows sets individual user Internet access policy, surfing quota, time limits and bandwidth restrictions.

Continuous Data Availability

Cyberoam‘s Multi Link Management increases the overall network performance by load balancing the network traffic between two ISP Links. These ISP links terminate on Cyberoam, delivering continuity in security. In case of failure, the load is automatically transferred to the other working link, which leads to 100% Internet uptime, and round the clock connectivity to their hospital. The level of reliability is simply awesome.

VPN Connectivity

Doctors and nurses in remote offices or in the field require immediate access to patient data to support medical treatment, patient services and business operations without compromising patient care. Dr. Sulaiman Al Habib Medical Group thus needed to extend business operations at branch and remote sites by fully protecting their internal systems and assuring the availability of centralized network management.

The CR500i appliance deployed at the Head Office was used to ensure IPSec VPN connectivity along with the Cyberoam appliances at branches. This allowed remote office users to seamlessly access their work without any worries of breakdown in Internet traffic. Threat-free Tunneling (TFT)-driven VPN ensures that all such traffic is securely encrypted and no malware sneaks through it.

To Round it Off

Cyberoam gave Dr. Sulaiman Al Habib Medical Group the choice to implement a singlewindow security connectivity set-up across their whole enterprise infrastructure. Discussing regarding his Cyberoam experience, Mr. Bakshi commented, “We are more than happy with the service which has been provided.”