McAfee Helps Mindray Achieve Maximum Data Security

Mindray is China’s leading researcher, developer and manufacturer of high-technology medical devices and ranks among the innovation leaders in its class worldwide. The company’s Chinese headquarters in Shenzhen house a large research and development centre, equipped with a team that is currently the largest in size and boasts the most comprehensive development capabilities in the domestic medical device industry. With almost 30% of its employees engaged in research and development activities, Mindray Medical has successively rolled out over 80 new, self-proprietary products covering four main business segments, namely, patient monitoring and life support, clinical diagnostics, digital ultrasound and radiological imaging and has garnered more than 1,100 patents, making it China’s research and development pioneer in many technology areas.

In recent years, competition is getting stiffer by the day, as the domestic medical research and development industry develops. The means to protect the company’s intellectual property as well as research and development achievements and data have, therefore, emerged as Mindray’s main concerns. At the same time, the massive popularisation of information technology and tools (laptops, USB drives, the Internet) and the illegal tactics used by competitors have also posed serious threats to the intellectual property protection, brand development and other activities of the company, forcing it to confront and address this critical issue without fail.

Urgent Need for Mindray to Keep R&D Data Secure
According to Henry Wu, CIO of Mindray, “We need a suite of data security solutions that can provide extensive and comprehensive protection at the terminal and network levels.”

As such, Mindray compared solutions from different security vendors, and McAfee’s data protection portfolio of products stood out against the competition due to exceptional overall performance. Henry Wu said, “The data security solutions offered by other vendors only implement data loss protection at either the terminal level or at a certain point of the network. In contrast, McAfee’s solutions provide a broader scope of protection and deliver superior performance in all aspects, including host data loss prevention, host-based encryption and file encryption. Most importantly, McAfee’s products can carry out thorough scans and identify any previously unknown security breach.”

McAfee Solution
After an analysis of the data security requirements, McAfee’s security experts helped Mindray Medical deploy a suite of data loss prevention products, including McAfee Network Data Loss Prevention Monitor, McAfee Network Data Loss Prevention Discover, McAfee Network Data Loss Prevention Manager, McAfee Host Data Loss Prevention and McAfee Endpoint Encryption. McAfee Data Loss Prevention (DLP) delivers the highest levels of protection for sensitive data, while significantly mitigating data risk and reducing the cost and complexity of safeguarding business-critical information.McAfee data protection is delivered through low-maintenance appliances and the McAfee ePolicy Orchestrator (ePO) centralised platform, for streamlined deployment, management, updates, and reports.

Unrivalled Data Protection
McAfee DLP prevents accidental and malicious leaks or disclosure of sensitive information by internal employees or hackers, thereby shielding corporations from the risks of financial loss, brand damage, regulatory non-compliance and other risk factors. This solution works just like a ‘security camera’, which enables IT administrators to monitor critical data flowing through the corporate network effectively. Besides that, this ‘camera’ carries out a thorough scan and identification of unknown data security risks and alerts the administrators of any discovered issues, so that preventive measures can be taken in advance.

Complete Protection Across All Layers of Infrastructure

McAfee DLP can operate under most major operating systems, to protect confidential information located within the entire network (servers, databases and all terminal devices). McAfee Host DLP enables discovery of users copying large number of files or transferring them to other machines through file sharing. Additionally, McAfee Network DLP allows detailed analysis of data sent out of the network by users. With these two types of protection in place, data breach sources can be identified quickly, and sensitive information transferred via removable storage devices, email, instant messaging or any other channels can be monitored strictly, to such an extent that even disguised data cannot bypass security policies.

The data security solutions offered by other vendors only implement data loss protection at either the terminal level or at a certain point of the network. In contrast, McAfee’s solutions provide a broader scope of rotection that includes host data loss prevention, host-based encryption, file encryption and other key features. Most importantly, McAfee’s products can carry out thorough scans and identify any previously unknown security breach.

Henry Wu
CIO, Mindray

Centralised Management Through ePolicy Orchestrator

Management of the entire security risk management portfolio is streamlined via a centralised console. What is so special and unique about McAfee is the tight and seamless integration of the various security features. Take, for instance, the integration between McAfee Network DLP Discover and McAfee Network DLP Monitor appliances: Detailed classification, indexing, and storage of all network traffic (not just information that violates real-time policies) by the McAfee Network DLP Monitor appliance enables Mindray to quickly leverage historical information for an understanding of what data is sensitive, how it is being used, who is using it and where it is going. Additionally, information can be scanned and analysed thoroughly based on historical data, to detect and identify the existence of previously unforeseen risks and data vulnerabilities. This, together with McAfee Network DLP Discover, can determine the network storage address and owner of data.

McAfee DLP Ensures Maximum Data Security

Complete Monitoring and Prevention
Mindray has a strict set of rules and regulations on information security, which was never actually implemented due to lack of proper monitoring and management tools. The deployment of McAfee DLP solved its problem by equipping its IT administrators with the required tools. Moreover, McAfee’s solution has also resulted in an invisible deterrent, whereby employees are proactively avoiding non-compliance after knowing the existence of such tools. Soon after deployment, the number of non-compliance incidents dropped significantly, and its employees have developed good data protection awareness and a culture of voluntary protection of the company’s research and development achievements.

With regards to this, Mindray’s CIO Henry commented, “In terms of host data loss prevention, McAfee DLP can monitor and control massive data transfers relatively well, improve visibility of potential non-compliance incidents and help regulate employee conduct. These have allowed the company to implement its policies, protect its confidential information and contributed to the advancement of its business development.”

Significant Contribution to the Advancement of the Company’s R&D Activities
Previously, Mindray had to implement numerous security measures to prevent data loss. Following the deployment of McAfee DLP, the company can now anticipate risks better and simplify access control, to increase the productivity of the developers without jeopardising data security. Supported by the management and staff of the research and development department, this IT initiative has contributed significantly to the advancement of the company’s R&D activities.

Comprehensive Incident Reporting
After scanning, analysing and classifying the network traffic, McAfee DLP will store all relevant information in a dedicated database. An intuitive interface is available for Mindray’s IT administrators to search and view detailed information reports on the sender, destination, transmission method and other information pertaining to data flowing through the network. The IT department will share these reports with the research and development department, to allow them to determine any breach of information, as well as the destination and method of the breach and measures to address these threats.

Mindray’s CIO Henry concluded, “Deployment of data loss prevention products usually require considerable manpower and economic costs, and the results are highly controversial. McAfee DLP can meet our current needs and allows us to review and perform multidimensional analysis on historical data, to uncover any hidden risks or vulnerabilities. We think that this is an effective investment with high payoff.”

Mindray

Customer profile

Leading researcher, developer and manufacturer of hightechnology medical devices

Industry

Medical

IT environment

1,500 personal computers and 40 servers

Challenges

Protect cutting-edge R&D technology data and prevent leaks or disclosure of business-critical information

McAfee solution

  • McAfee Network DLP Monitor
  • McAfee Network DLP Discover
  • McAfee Network DLP Manager
  • McAfee Host DLP
  • McAfee Endpoint Encryption

Results

  • Enhances compliance and ensures effective implementation of the company’s security policies
  • The data protection features help the company mitigate data asset risks and reduce the overall operational expenses associated with managing and maintaining the solution, which, in turn, contribute significantly to its business development