The healthcare industry has fast become a soft target for cyber-attacks and with good reason. Hospitals host both financial and protected health information, while offering a number of easy access point for ransomware attacks and insider threats.

Company background

ALYN Woldenberg Family Hospital is Israel’s only paediatric rehabilitation facility, founded by Dr. Henry Keller back in 1932.

The hospital has a customer database of more than 70,000 patients and hosts its main website in four languages and across three different domains. In addition, they have a special projects website in both Hebrew and English, which is used for resource development and to coordinate special events. It’s where people can sign up to participate in events, but it also accepts donations.

The hospital IT team is worried that the events site could be a possible weak point, allowing hackers easier access to their systems, and the main reason they went searching for a good WAF provider.

The Challenge

Five years ago, the IT team noticed an increase in cybercrime, especially in the healthcare industry. While the hospital had never experienced an attack, the security of their content management system (CMS) became a key concern. The team didn’t feel their cybersecurity vendor was updating the security on their CMS as often as they should, leaving them vulnerable and leading the team to go looking for a new vendor.

Patient privacy and regulatory compliance are key concerns for ALYN Hospital and were mitigating factors in determining which cybersecurity suite to go for. This, paired with a best cost-benefit ratio and the constraints of a small IT team meant they had to find a managed system that was easy to integrate and required minimal upkeep.

Initially checking out on-premise WAF systems, the team kept coming up against the cost of securing their sites and; because of strict government regulations, they were initially hesitant to move to a cloud-based system. Ultimately, however, they decided that the Imperva’s Cloud WAF was just the thing.

The Solution

“We looked at community reviews and talked with colleagues at other hospitals and got the impression that Imperva’s Cloud WAF is one of the best in terms of cost-benefit ratio, which is important to us, in addition to robustness, ease-of-use, and integration, which was very smooth. It all proved to be correct, for which I am very glad,” said Uri Inbar, Director of IT for ALYN Hospital.

Integration took less than a day and ALYN Hospital still manages its servers in-house, with a staff member who is now dedicated to security. Imperva has been low maintenance from the start, so, while customer support was with them every step of the way at the beginning; they haven’t needed any for the last few years because the system has been running smoothly on its own.

“It gives us peace of mind to know that someone has dedicated themselves to the subject and keeps us updated. It’s one less worry to take care of.”

Benefits

Increased visibility for monitoring security threats:
The Cloud WAF dashboard is easy to use and provides information that helps ALYN Hospital keep its systems secure. And for their special projects, they can even see which countries are generating the most traffic.

24/7 DDoS mitigation:
ALYN Hospital uses Imperva’s DDoS protection, which significantly improves security and reduces down time by fending off attacks.

Good cost-benefit ratio:
One of the most important aspects of any new security system for ALYN, the costs were reasonable, especially given the security benefits they received from Imperva’s Cloud WAF.

Faster content delivery:
While no formal studies were done, the IT staff has heard from some users that their CDN is delivering content faster than before. Just one more benefit of signing on with Imperva.