Case Study: UAB Health System strengthens data security compliance with DeviceLock and IronKey

(UAB) Health System - Customer Case Study

UAB Health System, a large and complex healthcare organization, needed a better way to secure data across its mixed Novell and Microsoft network environment while meeting HIPAA and HITECH requirements. After evaluating end-user data handling practices, the health system turned to DeviceLock endpoint security controls and IronKey encrypted USB devices to address risks tied to removable media and portable storage.

DeviceLock first ran in observation mode for more than a year, using auditing, shadowing, and forensic reporting to identify where data loss was occurring. Based on those findings, UAB Health System moved into enforcement mode with DeviceLock, limiting users to approved encrypted devices and whitelisting specialty USB medical devices. The result was a more cost-effective endpoint device management strategy that aligned security policies with compliance goals and helped prevent data exposure even if portable devices were lost or stolen.

UAB Health System