OVERVIEW

UZ Brussel University Hospital, located on the Jette campus, is one of the most important hospitals in Belgium with 721 beds. It was founded by the Vrije Universiteit Brussel (VUB) and has several polyclinics across the outskirts of Brussels. These are also supported for various services, including IT, from UZ Brussel.

Thanks to nearly 4,000 permanent employees, UZ Brussel provides the best possible care to patients. Research and training are also important to UZ Brussel. Every year, approximately 800 students intern at the hospital.

CHALLENGES

IT plays a critical role in the healthcare industry. With several polyclinics supported by UZ Brussel’s IT, ensuring top-notch security and managing operations is no easy task. “As the supporting IT service for infrastructure and operations, we are responsible for the proper functioning of networking, system management, database management and cybersecurity,” explains Robin Demesmaeker, Manager of ICT Infrastructure at UZ Brussel. “In addition, there is also a DevOps team that has developed its own Electronic Patient Record (EPR) system and shares it in partnership with other hospitals, whether or not hosted in UZ Brussel’s data center.”

One of the major trends in healthcare is the far-reaching digital transformation. UZ Brussel also sees a number of major challenges in the coming years. For example, there is the increasing demand for automation.

“Within nursing, we are at the tipping point to relieve people from administration as much as possible. Devices like blood pressure monitors could automatically link the values to the EPR. At present, nurses still have to add them manually,” says Demesmaeker.

He expects that the arrival of 5G networks will also lead to an evolution in the monitoring of patients at home (for example, of diabetics, cardio data or sleep tests). Other trends that create challenges are cloud services and the exponential growth of internet of things (IoT) sensors in the medical world. The tension between userfriendliness and the strictness of the policy is also a challenge for UZ Brussel. All of which also have implications for IT security and privacy.

“Central to this for me is the protection of the identity of the healthcare provider,” clarifies Demesmaeker. “Because of their position, they can access certain sensitive data and perform specific actions. So if their identity is not well protected, any rogue person can misuse this data. Especially if you use more cloud services and therefore no longer keep everything within the walls of the hospital, this becomes even more crucial. Like knowing where and how the identity is being used, which you then also have to log.”

WHY TREND

In addition to these challenges, an outdated endpoint security solution from McAfee was the concrete reason for strengthening the security. In a comparative test of four solutions, Trend Micro Apex One™ emerged as the best.

“It was purely definition-based and we wanted a next-gen solution. We had defined four criteria: it had to be behavior-based, easy to manage because our time and focus is on supporting healthcare, the solution had to be able to handle virtualization, and finally, we carried out a benchmarking exercise to determine how the security solution reacts to our own medical software,” says Demesmaeker.

The spread of COVID-19 caused a lot of pressure internally and on the IT department— they needed a solution that deployed and scaled quickly.

“The rapid scaling of intensive care was a priority for us. In addition, solutions were quickly sought to enable patients, who were no longer allowed to receive visitors, to communicate with their families at home via video calls on smartphones or tablets. This caused an extra load on the Wi-Fi network. Teleconsultations were also used,” says Demesmaeker.

Due to COVID, hospitals were more targeted by hackers than in previous years.

“Trend Micro spontaneously came and asked if they could help. They then installed the Trend Micro™ Deep Discovery™ Inspector solution to see if anything suspicious was happening on the network. That was a trigger to broaden the original scope and not only include endpoint security but also mobile security,” says Demesmaeker.

SOLUTION

UZ Brussel finally opted for a bundle of solutions with XDR capabilities for users. They chose Trend Micro Apex One for endpoint security, Trend Micro™ Mobile Security (backed by Trend Micro™ Smart Protection Network™) for Microsoft 365, Trend Micro™ ScanMail™ for Microsoft Exchange, and Trend Micro™ Deep Security™ Software for their data center.

“In the file, we also examined whether we would go with an external partner for a Security Operations Center (SOC). But given that the Trend Micro XDR bundle also includes managed services, this was the best option for us. There is 24/7 monitoring with email notifications and a report,” says Demesmaeker.

The implementation of the solution was completed in phases. Trend Micro Apex One was completed at the end of October 2020 while other solutions are already largely installed. For the integration and implementation, UZ Brussel relies on ePact, a trusted Trend Micro partner.

“We are very satisfied with the service provided. The integration went smoothly, without any problems and all the apps continued to work. A correct implementation is as important as choosing the solution itself,” says Demesmaeker.

RESULTS

UZ Brussel’s digital environment is now safer, allowing the IT team to focus on core tasks and leave the rest to Trend Micro specialists. “The nice thing about that is that it’s not just numbers. But also recommendations. Sometimes we get a comment about a user’s behavior. It then reads: ‘Make sure that you raise awareness with this user, because he did action X and Y. For example, check the URL he clicked on,’” says Demesmaeker.

The bundle of security solutions also provides much more insight into what is happening on the IT infrastructure.

“We used to see little or no attempts or lateral movements. Now we can follow them perfectly through the Deep Dicovery Inspector. They are not always malicious attempts - often just blind attempts - but you still want to know where and how many. Thanks to Trend Micro, that’s now possible.”

WHAT'S NEXT

One of the working points on UZ Brussel’s agenda is to set up internal actions to raise awareness. Concrete campaigns will follow in the course of this year. UZ Brussel is also looking beyond its own doorstep.

“In the healthcare sector, you all have the same goal. So if something happens in the security field - an attack, a phishing campaign - you know that it can happen at your or other hospitals as well. That’s why we are thinking of a platform to quickly share such attempts with other institutions in the healthcare sector so that they can also minimize the risk,” says Demesmaeker.