The health system’s decision-makers also discussed the long-term direction of the MDR service to see if it meshed with their strategy, Estrada says. “We didn’t want to be in the position of looking for a new MDR service in a year,” she adds.
CrowdStrike was ready to deploy the service within two weeks of Montage Health signing on, but the health system took extra time to determine how it would affect nonstandard devices and to work with other vendors to ensure their products were compatible, Estrada says.
Communicating with Montage Health security staff about their roles after the adoption of the service was also a priority, Estrada adds.
“Letting them see how they’d be refocusing and learning more things after we partnered with the service was essential,” she says. “We wanted them to know that our aim was to grow them as a team. Using the MDR service opens opportunities for them as a security team. There are a lot of exciting things going on with our program because we can bring in managed solutions.”
MDR Enables Small Hospitals to Face Big Cyberthreats
The support MDR services offer for health systems cannot be overstated, especially when staffing shortages and budget constraints keep security strategies tight.
Jackson Parish, in rural northern Louisiana, may attract hunters and fishermen, but it’s less of a magnet for doctors and IT security specialists, says Jackson Parish Hospital COO and CIO Jason Thomas. The 25-bed hospital is the only critical access medical facility in the parish, and it operates in the same cyberthreat environment as any big city medical center. Without enough in-house IT staff for 24/7 security monitoring, JPH relies on the Arctic Wolf MDR service, Thomas says.
“For a hospital in our situation, the managed security model becomes a necessity. IT security must be working all the time,” he adds. “I can’t recruit the number of security specialists I would need to cover my needs, and I couldn’t afford to pay them if I could.”
The hospital’s anti-virus software, network, wireless, servers and SonicWall next-generation firewall all push their logs to Arctic Wolf, enabling more comprehensive protection from the service. Hospital IT staff also works in partnership with the MDR service, keeping an eye on in-house dashboards monitoring the hospital network, Thomas says.
MDR services can be a particularly good fit for a healthcare setting, where the number of endpoints on a network, in the form of medical monitors and other devices, is rapidly growing, he adds.
“If you don’t have enough eyes in-house, this kind of platform is ideal to open things up and see what’s happening on your network, that it’s safe from intrusions and in regulatory compliance,” Thomas says. “I’m the one who will have to answer for a breach. I need to be able to trust what’s on my network and know what’s happening with my patient data. Arctic Wolf gives me the confidence I need that we are bringing our A-game, and I can sleep peacefully at night.”
Keep this page bookmarked to keep up with all of HealthTech’s Cybersecurity Awareness Month coverage, including more on managed detection and response.