Hawaii Pacific Health (HPH) is the second largest private employer in Hawaii with approximately 5,000 people on staff. It is a non-profit medical system that provides high quality healthcare and healthcare services to the people of Hawaii and the Pacific Basin. The organization manages hospitals and clinics throughout the Hawaiian Islands.
Problem: Block spam without catching legitimate email
For any large organization that relies on email, email systems are a prime target for costly attacks, including inbound threats such as spam, viruses, hacking, worms and Trojans, and outbound threats that risk regulatory sanctions and data loss. For HPH, the measures used to block spam were also interfering with legitimate email. “We had issues with legitimate email being blocked and spam slipping through,” explains Alex Georgiev, network and systems administrator for HPH. “The product we were using was very good at blocking viruses, but we couldn’t find the right balance between blocking spam and allowing legitimate mail. The product would either block a lot of legitimate email or it would allow the legitimate email to reach the desktops along with a high volume of spam.”
Even when spam isn’t connected with more serious intrusions, it can still have an insidious impact on IT productivity. “The cost of spam really comes down to the fact that people open help desk calls to cope with it,” continues Georgiev. “So you end up just dealing with people and explaining that you’re trying to make this work. It’s really all about wasted support time.”
To address this problem, HPH purchased McAfee Email Gateway (IronMail) from the McAfee Network Security Business Unit (formerly Secure Computing). “We looked at all the well-known vendors, and McAfee Email Gateway was the best product for the best price,” remembers Georgiev.
McAfee Email Gateway combines the critical elements of comprehensive email security into a single hardened appliance that sits in front of an existing mail server and provides immediate relief from inbound and outbound threats. “Blocking the inbound email threats is where we need to be proactive,” Georgiev comments. “We concentrate most of our resources here because we can’t rely on the end-user to help us out.”
McAfee’s reputation-based technology, TrustedSource, is integrated into McAfee Email Gateway. HPH relies heavily on TrustedSource as a means to accurately detect and prevent email-borne attacks before they enter the network. HPH has realized more than 99 percent spam detection rate, with 80 percent of incoming email blocked upfront using TrustedSource global reputation intelligence. “That’s an enormous benefit in terms of reducing the CPU cycles the box uses,” Georgiev elaborates. “It minimizes appliance fatigue. It also saves network bandwidth. We block about 350,000 spam messages in a week across 4,500 email addresses and the majority are based on recipient rejection.”
Another important advantage of McAfee Email Gateway that HPH realized is a ZERO False Positive rate. Spam does not make it to the user’s inbox, and no business emails are inadvertently blocked as spam.
"We’ve found McAfee delivers excellent value as compared to other vendors in the market. McAfee Email Gateway is priced well, feature-rich, flexible, and high quality. The support organization is also very, very good."Alex Georgiev
Network and Systems Administrator, Hawaii Pacific Health
Protecting outbound sensitive information
Healthcare organizations must comply with a variety of state and federal laws regarding information privacy, including the Health Insurance Portability and Accountability Act (HIPAA). Although inbound email threats consume the lion’s share of HPH’s security resources, ensuring information privacy via outbound message control is still a vital concern.
“When it comes to outbound protection, we have marginal confidence our end user community has adopted our privacy guidelines,” notes Georgiev. “For example, we rely on the sender’s discretion to encrypt an email. Users are our first level of protection and we try to educate them.”
HPH had an encryption solution that was very buggy and required a reboot monthly. To reduce risk, HPH opted to replace this product with McAfee Email Encryption, Gateway Edition. The company also found financial benefits by selecting a single vendor for both inbound and outbound protection. McAfee Email Encryption, Gateway Edition provides HPH with policy-based encryption to protect sensitive information such as credit card and Social Security numbers (SSNs). “We monitor the outbound emails for a specific string, such as a Social Security number. If an SSN appears in an email, it is automatically encrypted,” says Georgiev.
Up next: McAfee Advanced Compliance Profiler
HPH has plans to deploy the newest release of McAfee Email Gateway to take advantage of a new, built-in feature—McAfee Advanced Compliance Engine. Advanced Compliance Engine employs sophisticated content analysis techniques like fingerprinting, lexical analysis and clustering to monitor and prevent data leaks.
This engine can be “trained” to automatically recognize sensitive information in more than 250 document types in eight languages. It can even identify documents that have been intentionally modified to escape detection or different versions of those documents without retraining McAfee Email Gateway on them.
“We’ve found McAfee delivers excellent value as compared to other vendors in the market,” concludes Georgiev. “McAfee Email Gateway is priced well, feature rich, flexible, and high quality. The support organization is also very, very good.”