Baruch Padeh Medical Center Secures Third-Party Activities with Syteca

About

Customer’s requests

• Improve the IT management of third-party access
• Reduce the risk of third-party insider threats
• Mitigate data security risks by responding to suspicious activity
• Ensure the security of sensitive data

As the organization’s activity increased, so did the number of vendors
that needed to connect to the network, and managing the allocation of
users and passwords became more complicated and time-consuming than
managing the computer system. In addition, we had no ability to monitor
what each provider was doing on the network and make sure they weren’t
connecting to servers they were not authorized to connect to or performing
operations they weren’t authorized to perform. The inability to monitor and
document these actions reduced the level of information security and
increased the risk of data breach incidents.

The challenge

Our customer had very limited capabilities for third-party activity monitoring and access management. When a vendor needed to connect to the organization’s network, they requested credentials from the center’s IT administrators, who had to manually create and manage these credentials. After that, the administrators had no visibility into the vendor’s actions with sensitive resources. 

The need to manually provide credentials to more than 40 vendors created a huge overhead for the medical center’s IT department. Also, limited visibility into contractor actions threatened the security of patients’ medical records and left the medical center with zero capabilities to detect and respond to a security incident. 

That’s why the medical center was looking for vendor risk management software to automate and enhance their data protection capabilities.

The result

Deploying Syteca helped the customer achieve the following results: