Check Point® Software Technologies has been chosen by NHS National Services Scotland, the publicly funded healthcare service in Scotland to secure and streamline the management of its public cloud data, and provide complete threat prevention for vital public services such as Scotland’s ‘Test & Protect’ and vaccine management services.
NHS Scotland provides public health and social care services to the country’s population, and has been transitioning healthcare data and services to Microsoft’s Azure public cloud for the past 18 months. The start of the Covid-19 pandemic highlighted the need for security that seamlessly expands on demand to hyperscale capacity. NHS Scotland’s cloud infrastructure powers the country’s ‘Test & Protect’ services, which has over a million users, as well as the ‘Protect Scotland’ proximity app, so it was critical these services were completely secured against threats and attacks. The organization is also developing systems for scheduling and managing Covid-19 vaccinations in Scotland as the vaccines become available.
“Check Point’s CloudGuard has been key in enabling us to add new cloud workloads and services without needing to constantly review or deploy new security infrastructure. This means we can focus on the critical public-facing tasks where we can add real value, such as developing and running Scotland’s ‘Test & Protect’ services,” said Deryck Mitchelson, Chief Information Security Officer, NHS Scotland. “Right now we are building our vaccination management systems, and our cloud-first approach gives us the agility and scalability we need to roll it out nationally while being sure that data and services are secured.”
As it runs multiple essential healthcare systems, NHS Scotland also needs to have full visibility of who is accessing data, where it is being shared and how it is used to comply with GDPR and national data security legislation. To secure its healthcare data and services to the public cloud, NHS Scotland has implemented:
“Health data is probably Scotland’s most valuable asset, so it’s essential that it remains absolutely secure wherever it is being stored or accessed. We now have much more visibility than we had before we implemented the Check Point solutions,” added Mitchelson. “We can really understand where the data is and who is accessing it, from where, and ensure it is protected at every point of entry.”
NHS Scotland also uses a Security information and event management (SIEM) solution. “One of the things I liked with Check Point is its integration with the SIEM vendor we’re working with,” said Mitchelson. “That means that we don’t have to go and actually start writing and creating configurations, it just links to the SIEM system and automatically starts to work, giving us the information we need in a single console.”