Enterprise Security Assessment

For a Specialized Healthcare Provider

Enterprise Security Assessment

A specialized healthcare provider completed an annual security assessment to evaluate its current security posture, including identification of vulnerabilities, the security impacts of regulatory standards implementation, and other security practices across the organization. A world-leading hospital and research center, the organization is intent on providing the highest level of service to their patients while maintaining strict confidentiality standards. To ensure that their processes and systems were optimized to meet these standards, the provider engaged RedLegg to perform an independent Enterprise Security Assessment.

RedLegg’s Security Team performed an in-depth analysis that included a HIPAA gap assessment, penetration testing, and evaluating social engineering awareness.

RedLegg uncovered many exceptional practices at the organization, including an established culture of due diligence.

However, risks were discovered in specific areas. The first risk was the use of multiple mobile devices and home devices per user accessing corporate email as well as sensitive docs. The second risk was the printer that was in main view and access of the waiting room where documents could easily be read & taken.

Using thorough assessment procedures and communication strategies with stakeholders, RedLegg enabled the organization to immediately address HIPAA-related issues and implement key security practices that corrected the root causes which created risk.

The Enterprise Security Assessment enables you to measure and level-set your organization’s current security posture, which can serve as a baseline for future assessments. If your company is a veteran at yearly security assessments, RedLegg provides cutting-edge threat intelligence, network enumeration, threat modeling, and both manual and automated application testing that many other security service providers fail to provide. RedLegg also offers cybersecurity awareness evaluation and training for personnel handling confidential information.