Since switching to endpoint security from Palo Alto Networks, University Hospital Zurich (UHZ) now detects and blocks considerably more malware threats—2.5 times as many as with its previous solution. This allows the institution to focus on providing best-in-class medical care without worrying about the damage inflicted by malware attacks.
Critical protection for 13,000 distributed endpoints
Today’s healthcare organizations need to protect their critical data and infrastructure against an ever-growing volume of automated, sophisticated attacks. Nearly every malware attack involves compromising an endpoint. The key, then, is to supply the best protection possible to all users and endpoints, wherever they may be located. UHZ provides an excellent example of how, with the right technology and partners, this can be done easily and effectively.
Extend state-of-the-art endpoint protection for state-of-the-art medical care, anywhere
Every year, UHZ treats nearly 650,000 patients across its medical facilities, clinics, and institutes. It employs more than 8,400 medical and administrative staff members and has deployed more than 13,000 endpoints, including desktop computers and mobile devices. As the head of System Engineering at UHZ, Tom Schütt is responsible for protecting his staff and endpoints from attacks.
“Securing them all is very important to us,” Schütt explains. “It is vital for us that our endpoint security solution features state-of-the-art technology to help us minimize risk.”
In 2018, realizing they needed more effective endpoint security than their existing on-premises solution could provide, Schütt’s team ran a proof of concept (POC) of Traps advanced endpoint protection, which he had learned about from Omicron AG, a Swiss Palo Alto Networks partner. “When we carried out a software evaluation, Traps was the clear winner,” Schütt remembers. “The most important factor in a solution such as this is its ability to detect malware, and it did that really effectively.” When it came to deployment, Omicron helped optimize the solution for UHZ’s specific needs.
"It is vital for us that our endpoint security solution features state-of-the-art technology to help us minimize risk. When we carried out a software evaluation, Traps was the clear winner."
– Tom Schütt
Head of System Engineering
Protect against malware with outstanding scalability and minimal bandwidth impact
In the POC, UHZ compared its existing endpoint security solution’s performance and that of Traps against a robust set of the latest malware. The outcome: Traps detected and successfully blocked 100% of the threats, while the existing solution detected just 40%. In other words, Traps detected and blocked 2.5 times as many malicious files. The POC also demonstrated the strength of Palo Alto Networks security against Metasploit penetration tests on isolated systems.
In 2019, Palo Alto Networks introduced Cortex® XDR™, a new generation of endpoint protection, detection, and response solution, built on the Traps technology and integrating AI- and ML-based prevention, including Behavioral Threat Protection. UHZ knew it was the right solution to keep the hospital ahead of increasingly sophisticated threats. With Cortex XDR installed, UHZ was better prepared for the malware challenges of the future, starting with the COVID-19 pandemic.
Cortex XDR provides category-defining protection
As with so many organizations around the world, in early 2020, Schütt and his team suddenly had to secure thousands of newly remote hospital staff who had been sent home to work due to the pandemic.
“Endpoint security has obviously become even more vital during the COVID-19 pandemic—on the one hand because UHZ is an operator of critical infrastructure, and on the other because at the start of the lockdown in spring 2020, a great number of employees, particularly in management, started working from home.”
Using machine learning, Cortex XDR continuously profiles endpoint, network, and user behavior to uncover the stealthiest attacks. As a cloud-delivered technology, Cortex XDR was uniquely positioned to help Schütt and his team rapidly roll out security for more than 2,000 suddenly remote administrators and staff.
"Endpoint security has obviously become even more vital during the Covid-19 pandemic."
– Tom Schütt
Head of System Engineering
AI- and ML-powered detection effectively blocks 100% of malware
For medical centers like UHZ, malware is a constant challenge. Schütt explains, “Palo Alto Networks was particularly effective at detecting malware—which, in my opinion, is the greatest threat. None of the other products we tested has the behavior-based approach implemented as well as this. And we have seen it proven in live operation, especially now that we have upgraded to Cortex XDR.”
Extremely low resource usage meets easy scaling
In addition to providing unparalleled protection, Cortex XDR has a lightweight footprint that uses very few system resources. This is crucial in virtual client environments, ensuring maximum security without impacting productivity.
“But the main thing for us is that Cortex XDR protects us very effectively from threats,” Schütt stresses. When his team realized they needed to quickly expand Cortex XDR to protect 2,500 additional clients, the cloud-delivered solution scaled almost effortlessly. “These clients are now also protected from attacks,” he says with confidence.
Cortex XDR improved malware prevention at UHZ markedly, along with:
- Improved efficacy, with 100% of malware blocked
- Reduced resource utilization on virtual desktops
- Simplified endpoint protection, easily managed from anywhere
Cloud-delivered protection can be administered from anywhere
Schütt and much of the hospital’s administrative staff spent a good portion of 2020 working from home. “The fact that we use Cortex XDR on a cloud solution and on a security-as-a-service basis has proven to be a great benefit.”
Unparalleled integration drives tomorrow’s SOC
Improved malware detection minimizes downtime
UHZ has been reaping the benefits of considerably stronger malware detection since deploying Traps, and later Cortex XDR. Employees are now better protected wherever they’re working, so they can focus on providing critical medical care and services to their patients.
For more information, visit paloaltonetworks.com/cortex/cortex-xdr.