CHU Saint-Pierre
HOW TO MANAGE WEB SECURITY POLICY IN HEALTHCARE ESTABLISHMENTS, DISTINGUISHING BETWEEN RULES FOR STAFF AND THOSE FOR PATIENTS?
Context
One of Brussels' largest hospitals
Working hours
24/7
Number of positions
Approximately 3,000 user workstations on 2 sites

HOW TO MANAGE WEB SECURITY POLICY IN HEALTHCARE ESTABLISHMENTS, DISTINGUISHING BETWEEN RULES FOR STAFF AND THOSE FOR PATIENTS?

    THE CHALLENGE

  • Set up a Web security policy relevant in healthcare institutions adapting to different web browsing contexts :
    • Staff, where particular attention is paid to the nature of Internet traffic (content, duration, etc.).
    • Patients, with unrestricted access to all content (excluding legal restrictions).
  • Preserve the hospital's bandwidth , whatever the number of patients and staff, and whatever the volume of use (Webradio, streaming sites, etc.), in order to offer a good quality of service to the hospital's public and staff.

    THE SOLUTION

  • A solution adapted to the problems of a public-access facility:
  • The advanced proxy enables efficient URL filtering to provide the right answers at the right time
  • The SSL decryption guarantees filtering of secure HTTPS flows
  • The web filtering enables Olfeo awareness pages to be set up for uncategorized and unauthorized sites
  • The protocol filtering controls Web protocols at the application & protocol layer to guarantee optimal filtering quality and security
  • L'web antivirus enhances the security of users surfing the Web.

      OLFEO-TOUCH

  • The quality and category finesse for efficient URL filtering
  • Filtering in line with the European context, and more specifically with French and Dutch specificities (culture, languages...).
  • Incorporation of Belgian/Dutch laws into web categorization, to preserve the hospital's reputation and protect users in the event of negligence or lack of awareness of risks on the part of Internet users.
  • European software that replaced the American solution previously used, which was not entirely satisfactory.
  • A solution that takes bandwidth issues into account

THEY DID IT          

Regular enrichment of URLS databases used in the healthcare sector by supplying lists of unknown sites to the Olfeo classification service.

Some sites that could have been banned as pornography in some companies (venereal diseases...) are blocked by mistake.

Rapid reclassification of Olfeo or override by hospital staff, in compliance with legal requirements.

ADDED VALUE

­

  • Monitoring users' Internet use by posting awareness pages to make employees more aware of their responsibilities (high bandwidth consumption, overrunning, etc.).
  • Display of the IT charter to hospital staff and obligation to accept it to access the Internet on 1st use.
  • Clear visibility thanks to a high-performance monitoring tool for analyzing and understanding Internet usage in the hospital
  • Easy-to-use Olfeo console for activity reporting
  • Flexible configuration and categorization of filtering in the management console
  • Filter rules can be easily associated with user groups to create fully customized security policies.

" Olfeo is a legitimate filtering solution for Europe, not just France. The tool's efficiency in a context where two official languages coexist is a real added value.

Olfeo comes in very handy when we're wondering what's going on on the Internet, as the reporting section enables us to analyze all traffic precisely, particularly in terms of abnormal usage.

Olfeo is a user-friendly, flexible solution for managing Internet access directly, without the need for IT specialists."

By Bruno le Marchand, Director of IT Services and Rik De Jaegher, Data Protection Officer & Chief Information Security Officer