King’s College Hospital NHS Foundation Trust in London is upping the security and compliance of its main Microsoft Windows server-based network.
The trust is improving the way it manages the tasks of authenticating and authorising its 10,000-plus users, including checking passwords, enforcing security policies for all its computers and installing and updating software.
The large trust recognised it was a massive challenge to manually monitor the thousands of daily changes on its main ICT infrastructure. It decided it needed an automated product to audit all privileged user activity and changes, for both security and compliance.
After evaluating the options it chose Netwrix Auditor, which now provides King’s ICT operations team leader David Sewoke with automated daily change reports, and sends real-time red alerts to his mobile phone if any of the trust’s 50 systems administrators change a user’s access rights to information.
“It’s improved the security of the network and I now have full visibility of what happens,” Sewoke said. “I now know exactly who is making changes, when and why.”
He said the Netwrix system had also helped to change people’s behaviour. “Now that the staff are aware that everything they do is being audited, there are fewer security risks,” Sewoke said. “People don’t try to make changes such as adding a user as a domain administrator and then later on removing them. Now, we can see how far trusted IT administrators are going with their rights on the network.”
King’s says it now plans to extend its use of Netwrix to its EMC-based storage area network (SAN) server environment. At that point, Netwrix Auditor will be monitoring the trust’s entire IT infrastructure.
“It will cover the whole campus and be on everything - all the servers with full domain coverage,” Sewoke said.