GEARS + CounterACT. Advanced Compliance Enforcement for Healthcare. December 16, Presented by:

Transcription

1 Advanced Compliance Enforcement for Healthcare Presented by: December 16, 2014 Adam Winn GEARS Product Manager OPSWAT Kevin Mayer Product Manager ForeScout

2 Agenda Challenges for the healthcare industry GEARS + CounterACT Partnership Introducing OPSWAT and the GEARS Platform Introducing ForeScout and CounterACT Demo Q&A

3 Healthcare industry needs Employees have access to an increasing amount of data within an organization BYOD gaining in popularity. Risks are tremendous There is an increase in malware targeting endpoints as an entry point into a network Organizations need to meet compliance with HIPAA regulations: reliably, affordably, easily, securely

4 The solution Why use GEARS and CounterACT? Advanced compliance enforcement, especially for HIPAA Check for disk encryption, password protection, antivirus and more Smooth on-boarding, flexible and powerful remediation options Unmatched threat detection for managed and guest endpoints (including pre-authentication) Force non-compliant devices into remediation states, or even a secure workspace

5 About OPSWAT Founded in 2002 Headquartered in San Francisco 130+ Employees Customer base 50 OEM customers 800+ direct customers Product portfolio OESIS Metascan and Metascan Online GEARS Policy Patrol (Red Earth Software)

6 Introducing GEARS Advanced endpoint compliance inspection and management Lightweight agent for Windows and Mac Cloud-hosted service and management interface Optional app with tools for end-users Designed for easy integration NAC SSL VPN IPsec VPN NGFW SaaS

7 Introducing GEARS Monitor endpoint status Assess device posture with deep host checking vs. security baseline Detect compromised or vulnerable devices: On the network or remote Inform end-users about security and the state of their device Protect resources via integration with secure access solutions

8 HIPAA Compliant with GEARS Detect and enforce HIPAA Security Standards: Technical Safeguards for PCs* User authentication (a)(2)(i) Automatic device lock-out (a)(2)(iii) Disk and data encryption (a)(2)(iv) Audit controls (b) *All Windows and Mac devices. Mobile and Linux coming in 2015

9 Single pane of glass

10 Simple but powerful configurations 11 Configurable Compliance Categories Antiphishing Anti-malware Backup Disk Encryption Firewall 3 rd Party Patch Mgmt. P2P File Sharing OS Updates User Authentication Hard drive space Infections

11 Infection Detection: Metascan Online Expand and double-check your current malware detection Take advantage of 42+ anti-malware engines hosted in the cloud Identify threats not detected or remediated by the installed antivirus

12 Infection Detection: AV Log Inspection Assess guest device risk via 7-day history Highlight repeated threats (persistent infections)

13 GEARS for HIPAA Compliance Best-in-class encryption detection on Windows and Macintosh Detect disk encryption state, encryption algorithm, and key length for 17+ applications Detect true encryption state for every volume on the device: Full, partial, in progress, paused, none Approve only certain encryption brands, products, &/or versions Generic disk and file encryption option {patent pending}

14 GEARS for HIPAA Compliance Enhanced antivirus compliance on managed and guest PCs Allow only your approved antivirus products Don t get burned by allowing devices with sub-par antivirus Require definitions be up to date (< 72 hours) Require real-time protection be enabled Require full system scan within the last 7 days

15 GEARS for HIPAA Compliance User-authentication and automatic log out Require properly configured device password Require device auto-locks after N minutes Works for devices on the domain, on a workgroup, even remote

16 GEARS for HIPAA Compliance Limit exposure and exfiltration risk with Session Shield Enforce secure workspace for high-risk devices or environments Automatic cleanup of all activity during the session Granular control of read/write access to printers, network drives, and removable media Optionally filter web traffic through a secure proxy

17 About ForeScout In business 13 years Headquartered in Campbell, California 200+ global channel partners 1,500+ customers worldwide Financial services, government, healthcare, manufacturing, retail, education From 500 to >500,000 endpoints Focus: Pervasive Network Security Independent Network Access Control (NAC) Market Leader

18 Introducing CounterACT Real-time Intelligence Device type, owner, login, location Applications, security profile Captures transient users and devices

19 Introducing CounterACT Real-time Intelligence Granular Controls Device and user-specific policies Mitigate OS, configuration and security risks Start/stop applications and disable peripherals

20 Introducing CounterACT Real-time Intelligence Granular Controls Information Sharing and Automation Bi-directional information exchange Enhanced collaboration Automated mitigation and control

21 Integration

22 Demo

23 Prove HIPAA Compliance Enforce encryption of system volumes and other drives Enforce use of password protection Enforce use of functioning anti-malware software Block access for devices that are not compliant, ensuring they do not reach sensitive resources

24 Learn more Q&A Read more about CounterACT at Sign up for a free GEARS account to try it out at

25 Thank you Advanced Compliance Enforcement for Healthcare