Case Studies

University of Kansas Hospital Case Study

Issue link: https://learn-umbrella.cisco.com/i/750204

Contents of this Issue

Navigation

Page 3 of 3

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) The results Bolstered security and unprecedented insight "Deploying Umbrella was fast and we experienced immediate time- to-value. Within an hour of Umbrella going live, we could see a huge increase in visibility, protection, and blocked malicious traffic," according to Duong. "On any given day prior to implementation, we'd see some 100,000 hits against our network, some 20-to-30 percent of which were ransomware. As soon as Umbrella came online, that number dropped to nearly zero." "When we enabled AD integration by connecting our Active Directory to Umbrella—a simple process that took an hour—we suddenly went from struggling to track attacks to being able to correlate users with events and trace every click of their online travels. Then, Cisco Umbrella Investigate gave us the power to understand each threat's entire story from start to finish," Duong says. "We're able to dig deep into the analysis to see what users are doing, where they're going, and pinpoint any contributing behaviors so we can mitigate most efficiently." "Our incident response has improved dramatically, and the results," Hart believes, "speak for themselves. Duong agrees: "Pre-deployment, a single incident would take approximately two days using our manual process. We've achieved a 75 percent reduction in response time, and in some cases, need just 30 minutes." The University of Kansas Hospital has been able to better combat and mitigate threats like ransomware. "We actually had a ransomware incident where a device did get infected, but it was easily contained by Umbrella. When the infected device tried to connect to the remote server, it was unable to get the encryption key. So the files were never encrypted." "Umbrella's console streamlines the process of updating and enforcing security policies so we can deliver network-wide protection within seconds," says Hart. "We've been able to improve our security posture and better protect patient information and research data," affirms Duong. "Given the ever- advancing security intelligence and Cisco's dedication to staying ahead of bad actors, Umbrella will remain a cornerstone of our security program for the long term." " Our incident response has improved dramatically and the results, speak for themselves. Pre- deployment, a single incident would take approximately two days using our manual process. We've achieved a 75 percent reduction in response time, and in some cases need just 30 minutes." Henry Duong Infrastructure Security Manager, The University of Kansas Hospital

Articles in this issue

view archives of Case Studies - University of Kansas Hospital Case Study