FIREMON DELIVERS
Centralized Firewall Management & Continuous Compliance
While facing a demanding audit schedule, Convey Health Solutions decided to adopt the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), a certifiable framework that provides organizations with a comprehensive, flexible, and efficient approach to regulatory compliance and risk management. Convey chose FireMon to help achieve HITRUST CSF as well as alleviate the effort and timeframe of compliance audits through a comprehensive and flexible framework of prescriptive and scalable security controls.
Use Cases
Industry: Healthcare
100%
PCI-DSS Compliance
66%
Reduction in time to produce accurate compliance reports
150+
Shadow rules identified and removed
The Challenge
Housing over 40 decentralized firewalls while relying on time-consuming and error-prone manual processes, Convey Health needed a solution to help ensure they maintained all their regulatory compliance requirements despite a grueling audit schedule.
The company sought to:
- Achieve HITRUST CSF certification and PCI-DSS compliance
- Conduct a full rule cleanup to remove redundant, overly permissive, and unused rules
- Automate change management processes, clean up rule bases, and improve reporting
- Eliminate error-prone and time-consuming manual processes
About the Company
Convey Health Solutions is a specialized healthcare technology and services company that provides clients with healthcare-specific, compliant member support solutions utilizing technology, engagement, and analytics. Their healthcare-focused teams help several million Americans each year to navigate the complex Medicare Advantage and Part D landscape.
The Solution
FireMon added centralized firewall management, real-time visibility, and highly- customizable reports to the company’s multi-vendor environment.
- A single pane-of-glass policy management console for unified policy visibility and management
- Out-of-the-box and customizable compliance assessments, automated rule documentation and reporting, as well as workflows for rule review and recertification
“With FireMon tracking compliance for us, we were able to shrink our overall audit time by two-thirds of our original schedule. Additionally, we were able to clean and push out almost 300 rules that had not been reviewed in over three years.”
Patrick StoehrManager, Data Network Services
Results
- Achieved continuous compliance with automated, real-time checks across 350+ custom controls and regulatory standards
- Eliminated error-prone and time-consuming manual processes
- Visibility for real-time network behavior and traffic flow analyses
- Reduced risk by removing redundant, overlapping, or unused rules
- Ability to deploy rules directly to devices with a single click
