Digital Edition

SYS-CON.TV
University of Texas Using Vormetric's CoreGuard to Secure IT
University of Texas Using Vormetric's CoreGuard to Secure IT

As federal regulations increasingly require greater security measures to be implemented in order to safeguard personal health information, organizations are finding it necessary to use new security measures to meet all these requirements.

These measures, especially when they involve the selective access of health information, and delimiting what kind of information various personnel can see, involve adopting dynamic security that can satisfy both internal and external security protocols. The University of Texas (UT) Health Science Center selected Vormetric to help the University protect students' health information in compliance with Health Insurance Portability and Accountability Act (HIPAA).

UT selected Vormetric's CoreGuard Information Protection System to protect and encrypt information that could personally identify patients' and employees' financial information, electronic protected health information (EPHI), and also UT's intellectual property.

Kevin Granhold, director of server and desktop services at UT, said, "We have always taken the protection of our sensitive information seriously, but we wanted to completely ensure the integrity of our data by implementing another layer of security on our locally-attached storage." Concerning what in particular made Vormetric the University's choice, he stated, "Vormetric's policy-based solution helped us to quickly secure our electronic assets without affecting the rest of our network environment or the performance of our IT infrastructure. It also lets us easily extend information protection throughout our environment as new requirements arise."

The security provisions that the Santa Clara, CA-based security company offers are designed to enable administrators to set various combinations and 'depths' limiting user/application access combinations, the types of permissible access, and the locations from where data can be accessed. The last item proving especially useful in emergencies when staff must remotely access health information.

Furthermore, the encryption technology Vormetric uses allows administrators to selectively deploy encryption via policy without changing applications or storage infrastructure. Furthermore, its proprietary MetaClear encryption lets administrators encrypt data without encrypting the entire system metadata. What this enables, is access to data without first having to decrypt it, which would ordinarily reveal data at the backup server. More practically, MetaClear separates the ability to access data, letting administrators do their jobs, from the ability to view sensitive data at will.

Beyond providing peace of mind to those individuals whose confidential information is under UT's administration, Vormetric's CoreGuard allows UT's Health Science Center to comply with HIPAA requirements that stipulates health care providers must maintain reasonable administrative, as well as physical and technical safety measures in order to vouch for the reliability and constitution of EPHI.

Bill Schroeder, president and CEO of Vormetric, recently stated, "A variety of new regulations, such as HIPAA, GLBA and California SB 1386, are making organizations examine the need to protect the sensitive data in their infrastructure. By ensuring strong information protection across widespread, heterogeneous environments, the CoreGuard System enables the consistent enforcement of enterprise security policies that define the appropriate use of sensitive data."

Vormetric's technology appears to satisfy the qualities that a security system overseeing today's health information needs to possess. These characteristics, according to Gartner research analyst Thomas Handler, must come together to offer a system that balances security with manageability in a dynamic way. He said, "Security and confidentiality must be guaranteed, while balancing the need for legitimate access to records. In light of Health Insurance Portability and Accountability Act (HIPAA) regulations and rising consumer concern over privacy and confidentiality, a computer-based patient record system must have very robust security measures and technology."

About Security News Desk
SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

The question before companies today is not whether to become intelligent, it’s a question of how and...
While some developers care passionately about how data centers and clouds are architected, for most,...
ChatOps is an emerging topic that has led to the wide availability of integrations between group cha...
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting ch...
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being soft...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know ...
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every ...
The cloud era has reached the stage where it is no longer a question of whether a company should mig...
The need for greater agility and scalability necessitated the digital transformation in the form of ...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an over...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and ...
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they respon...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily ...
"As we've gone out into the public cloud we've seen that over time we may have lost a few things - w...
In his session at 21st Cloud Expo, Michael Burley, a Senior Business Development Executive in IT Ser...
Sanjeev Sharma Joins June 5-7, 2018 @DevOpsSummit at @Cloud Expo New York Faculty. Sanjeev Sharma is...
We are given a desktop platform with Java 8 or Java 9 installed and seek to find a way to deploy hig...
"I focus on what we are calling CAST Highlight, which is our SaaS application portfolio analysis too...
"Cloud4U builds software services that help people build DevOps platforms for cloud-based software a...