The core business of UZ Leuven is taking care of its patients. While doctors and nurses are saving lives, the IT department is responsible to keep patients’ health records safe by protecting the hospital’s many assets, such as computers. The endpoint solution in place to meet this goal was due for an update.
That’s where Nynox came in as UZ Leuven’s trusted security partner. Its ICT security experts implemented Sentinel One, the new endpoint, detection and response (EDR) solution, in record time with minimal downtime, while simultaneously assisting UZ Leuven’s IT staff to get familiar with the tool. The result? Time savings, minimal maintenance costs and a carefree future for the security department.
UZ Leuven is the largest university hospital in Belgium. Every day, almost 10.000 passionate employees provide the best customised care possible. In 2020, the hospital counted over 51.000 admissions and 660.000 consultations. Helping these many patients goes hand in hand with the challenge to save and secure their vulnerable data with no room for compromise.
Protecting 15.000 assets
Over the last years, healthcare institutions have more frequently become the target for cyber attacks. Cybercriminals often have their sights set on hospitals, who are dealing with the sensitive data of patient records. At the same time, budgets are tight, making it extremely hard to find the right balance between investing in optimal patient care and pouring necessary funds in protecting their data through adequate IT security.
“We think three times before we invest. Our tools need to be modern and preferably superior to previously used tools. This was also the case for our endpoint solution. To protect 15.000 assets, which are mostly computers but indirectly also medical devices, we were looking for a trustworthy tool that fits within our budget, not only now but also in the future. So maintenance costs should be kept to a minimum.”
Reinoud Reynders, IT Manager Infrastructure & Operations at UZ Leuven
SentinelOne: AI-based behavioral EDR solution
Via a public tender, UZ Leuven decided to work with the cybersecurity specialists of Nynox who proposed SentinelOne as the new and improved EDR solution.
Unlike the previous tool, the focus not only lies on endpoint security, but also on detection of and response to malware and cyber threats, leading to an increased security visibility over the network and assets. The SentinelOne API feature also empowers cybersecurity integrations and security automation with other technologies within UZ Leuven.
Moreover, SentinelOne embeds artificial intelligence and machine learning, allowing the tool to detect unknown malware with a low false-positive ratio.
“Nowadays, many cyber attacks take advantage of zero days, vulnerabilities still unknown, undescribed or unpatched. So these threats don’t have a signature with information to detect it and pose a great risk. With the help of AI which recognizes behavior similar to other malware, UZ Leuven now has a behavior based tool in its hands which is able to detect zero days.”
Federico Meiners, Cybersecurity Architect at Nynox
Migration in record time
One of the challenges Nynox faced was the short time frame available to migrate the old endpoint solution to SentinelOne. Reinoud Reynders from UZ Leuven explains: “Normally, we take care of the migration ourselves. This time, we gladly accepted Nynox’s help. Thanks to our joint efforts, we were able to finish the migration in record time with minimal downtime. Additionally, Nynox offered very fast feedback on any questions regarding the implementation process and use of the new tool.”
Nynox didn’t stop at delivering a successful product deployment either. The team used its solid cybersecurity knowledge from their Managed Detection & Response (MDR) and Security Operations Center (SOC) services to empower SentinelOne even more. For UZ Leuven, Nynox’s approach to and deployment of SentinelOne felt like a fresh breath of air. The hospital is fully ready to focus on patient care for the next few years, as it should be, since Nynox unburdens the IT department. As an effective behavior-based tool, SentinelOne offers detailed information in its security alerts, which allows UZ Leuven to immediately know what’s going on and what actions to take.
Added value
Reinoud Reynders concludes: “The ingrained automation is a huge time saver and keeps maintenance costs to a minimum, just as requested. So I am happy with the new solution, while I also look back with satisfaction on the collaboration with Nynox. As a partner, you must provide added value. Nynox delivered that added value, especially on the technical side, ensuring an acceleration of processes and a timely delivery.”