Distribution Notice:
The author of this presentation requests that you share this presentation
only within your organization. Do not reproduce, post, or make any
portion of this file available for use outside of your organization without
first receiving the permission of the author.
2023
SRT86
APPLICATION CONTROL:
AN IMPLEMENTATION
CASE STUDY
Presenters
Zac Craig, Chris Hoffmann,
Jason Rhoades, CL Mai
Learning Objectives
1. Outline the importance of using application control software
across Epic environments.
2. Identify opportunities to improve system security through
application control solutions.
3. Describe how to implement or maintain application control
deployments.
What is Application Control?
⮞ Application allowlisting
⮞ Proactive approach to security
⮞ Blocks unauthorized software
and scripts
Securing Your Epic Environment (SEER)
⮞ Zero-trust
⮞ Reduce the cost of malware
attacks
⮞ Less risk and complexity
⮞ Significant control
over environment
Useful Links
⮞ NIST
✦ Guide to Application Whitelisting (nist.gov)
⮞ Galaxy and UserWeb
✦ Implementing Application Control
✦ Overview of Security Features in Epic Software
✦ Security Documentation Library
✦ Antivirus Configuration Guide
✦ Hyperspace Security Best Practices
✦ Ransomware
✦ Working with Epic During Security Incidents
✦ Security Considerations for Different Epic Client Access Methods
Application Control: SRT86
Academic | Morgantown, West Virginia | May 2022 (heading to May 2023)
24 HOSPITALS | 1140 CLINICS | 4400+ PHYSICIANS
2,743 BEDS | 5,459,861 OUTPATIENT VISITS | XX PATIENTS
Live since 2007 | ECP | Active-Active Data Center | 99.99% Citrix Published App
Our Epic Ecosystem
⮞ Epic is our primary EMR for Inpatient and Outpatient workflows.
✦ Not using these Modules
• Cheers
• Beans
• Bones
• Kaleidoscope
• Lumens
• Wisdom
• Rehab
⮞ Collocated and Adjacent Applications
• Imprivata Onesign/EPCS
• Quanum DMS
• Fuji PACS
• 3M360
• Citrix
• IGEL
• M*Modal
• Microsoft
• Formfast
• PrinterLogic
• Muse
Security and Epic
⮞ Goal with AppControl Implementation
✦ Balance Usability and Security
✦ Sustainability and Flexibility
⮞ Limits and Controls described by policy
✦ Work with CISO/IRT
✦ Limit impact to performance
Application Allowlisting - Overview
⮞ Application Allowlisting Goals
✦ A foundational aspect of a Zero-Trust environment
• Default Deny
• Software Catalog
✦ Prevention of unwanted changes to endpoints
✦ Protection against file-based attacks
Application Allowlisting - Deployment
⮞ Deployed VMware Carbon Black App Control in 2018
✦ SCCM utilized for deployment of sensor
✦ Initial deployment to all Windows Server operating systems
✦ Expanded to legacy OSes shortly after
✦ In 2020, expanded to remote worker devices
✦ Currently deployed to approximately 9,000 devices
Application Allowlisting - Implementation
⮞ Initial Phase: Monitoring and File Creation Rulesets
⮞ Second Phase: Approving Epic Systems Applications
⮞ Final Phase: Tuning
Application Allowlisting - Maintenance
⮞ Certificate Maintenance
⮞ Local Approval
✦ à la carte
✦ Scheduled
• Device Groups
• Timing
⮞ Ruleset Management
Ongoing Support
⮞ Static Environments are a dream
✦ Always something new
✦ M&A
✦ Tracking what's in use
⮞ People into the process
✦ How do we integrate the IRT and ECSM groups?
✦ Who’s Who?
⮞ Troubleshooting
✦ Shared Understanding of our security goals
✦ Keeping track
Q&A
WRAP-UP
CONTACT INFO:
Zac Craig | zachary.craig@wvumedicine.org
Chris Hoffmann | Chris.Hoffmann@wvumedicine.org
Jason Rhoades | jason.rhoades@wvumedicine.org
CL Mai | CL@epic.com