HIPAA News

Faith Baptist Bible College Selects ConSentry for Regulatory Compliance and Access Control

(Jan 07,2008)-- ConSentry Networks announced that Faith Baptist Bible College and Theological Seminary has selected the ConSentry LANShield solution to ensure regulatory compliance and provide security for its approximately 600 students, staff, and faculty. With a history dating back to 1921, and located in Ankeny, Iowa, since 1965, Faith Baptist offers biblical, vocational, and general undergraduate courses as well as graduate degrees in Pastoral Studies, Biblical Studies, and Theological Studies.

Because it stores records containing personal and medical information about its students, explains George Dougherty, chief technology officer at Faith Baptist, the school must comply with several kinds of federal regulations. One is the Health Insurance Portability and Accountability Act (HIPAA), which safeguards the privacy of personal health information, and another is the Family Educational Rights and Privacy Act (FERPA), which protects family and student educational information. While the school has not experienced any security issues, Dougherty wanted to provide the highest level of security to ensure compliance and protect the privacy of both student and school information. In his search for a LAN security solution, Dougherty tested several systems, only to find that they did not perform as claimed.

With ConSentry LANShield, however, “I was delighted to see that running all the traffic through the system had no impact on network speed,” Dougherty stated. “All the features performed as promised – in both function and network speed.” The LANShield solution will cover five dorms, eight apartment buildings, educational buildings, faculty offices, a combined convocation and gym/fitness center, and maintenance and technology offices – all of which incorporate a wide variety of wired and wireless configurations.

At the start of every school year, Dougherty’s staff has traditionally checked every computer on campus for viruses and the presence of updated anti-virus software to prevent security problems. “It was time intensive for our staff, and it took two to three weeks for us to get people onto the network,” said Dougherty. “We had unhappy students, faculty, and staff because of the lack of connectivity. Plus, since everyone uses laptops now that connect from all sorts of locations, that initial check is an exercise in futility since anyone surfing the Internet can pick up viruses in real time.”

In addition to providing ongoing checks for viruses and ensuring users have updated virus protection software on their machines, the ConSentry platform will provide two other key features for Faith Baptist. Dougherty plans to use the LANShield platforms to “increase the granularity of network processes and create a trail of who goes where and when,” he said.

Faith Baptist learned about the ConSentry platform from its partner, CompuNET International, a higher-education and networking solution provider in the Upper Midwest. CompuNET International demonstrated the value of ConSentry’s extensive visibility and control, which ties users to their roles and applications and applies policies to each session. “Faith Baptist previously had focused its security outside,” said Scott Johnson, senior account manager at CompuNET. “With ConSentry LANShield, the college now has LAN security from the inside out.”

The LANShield solution uses its deep packet inspection to admit users onto the LAN, provide visibility into LAN activities, control access based on identity, and contain malware and other attacks. LANShield’s InSight Command Center captures network data and aggregates it into a dashboard, displaying key security incidents with both at-a-glance summaries and detailed views. InSight also enables rapid forensic troubleshooting, auditing, and reporting.

In addition to identity-based user access and policy-based controls, LANShield offers roles-based LAN segmentation, without the need for VLANs or access control lists (ACLs), for individuals and groups to ensure only approved individuals have access to specific information and resources. These controls, as well as the per-user tracking, will significantly ease the school’s work in complying with HIPAA and FERPA.

Share or bookmarklet this web page at: