Case Study

How Lexington Medical Center proactively defends against ransomware and maintains a least-privilege model with Varonis

PHI

patient data

HIPAA

regulations

Ransomware

vulnerabilities

Within healthcare organizations, one of biggest challenges is being able to monitor and govern data. The amount of data generated by medical systems is like drinking from a firehouse — managing that flood of data in a way that keeps information protected and secured is vital.

John Hensley, Information Security Analyst, Lexington Medical Center

Challenge

Lexington Medical Center faced growing amounts of sensitive data, heightened awareness of increased cyberattacks to the medical field and difficulty governing and protecting their unstructured data. With the sensitive data on their network, security staff knew they needed to find a solution for protecting the facility’s unstructured data on their main network storage.

You need to know where your data resides and who owns it. That was one of the absolute biggest challenges that we had and that was instrumental in helping us make the decision to buy Varonis.

John Hensley, Information Security Analyst, Lexington Medical Center

Solution

  • Visibility into sensitive data: With Varonis, Lexington Medical Center gained visibility into their on-premises data stores down to the file level — including what type of data they have, where it’s stored, who owns it, who can access it and more.
  • Monitor file activity and streamline permissions: Lexington Medical Center leverages Varonis to monitor all file activity, streamline permissions, and identify who has (and who should have) access to sensitive patient information and confidential medical research. With Varonis, they're now able ensure the hospital’s enterprise data remains secure to a least-privilege model.
  • Alert on suspicious behavior: Lexington Medical Center uses Varonis to identify and report on suspicious behavior that could indicate internal or external threats: including Locky and Cryptolocker. With Varonis, they're able to review historical attacks, automate responses to attacks in real-time, and protect against future ransomware attacks.

DatAlert’s ability to alert on anomalies that indicate a ransomware attack and scan files for possible ransomware infection was a huge selling point for us. In the months following deployment, Varonis alerted us to several ransomware attacks. In each case, we were able to shut down accounts quickly and minimize the impact.

John Hensley, Information Security Analyst, Lexington Medical Center

Customer Profile

  • Customer: Lexington Medical Center
  • Industry: Healthcare
  • Location: West Columbia, South Carolina, U.S.

Read more

See how Lexington Medical Center uses Varonis to discover sensitive content, identify stale data, and proactively defend against ransomware attacks.

Download PDF
Learn More

Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.