Wave Systems Corp. (NASDAQ:WAVX www.wave.com) announced today that Northern Health and Social Care Trust of Northern Ireland has deployed self-encrypting drives (SEDs) managed by Wave's EMBASSY® software to protect sensitive and confidential personal health information (PHI) stored on 600 laptops today (rising to 700 laptops within the next nine months). Despite access to more readily available software-based encryption with lower upfront costs, Northern Trust determined that SEDs could be deployed faster—and were more cost-effective over the long term.
"We performed tests to get a sense of how software- and hardware-based encryption technologies compared," said Pat Black, Northern Trust's Manager for ICT Network and Security. "We found that, when installing a software solution, it took close to three hours from start to finish to deliver a fully secured and completely encrypted laptop, if the software-based encryption doesn't encounter any issues such as bad disk sectors etc. With SEDs, it's closer to 30 minutes. Multiply that by 600+ laptops and you get a sense of what drove our decision."
"But it's not just a question of saving resources within ICT," Black continued. "There's the associated issue of providing a better service to our frontline health & social care delivery staff. SEDs not only allowed us to deploy a solution more quickly, it protects our staff, the public and the organisation with the best-of-breed data security available on today's market."
Delivering health and social care services to nearly half a million people spread over a third of Northern Ireland, the Trust employs 12,000 staff across 150 locations, including nine acute care hospitals. As part of their mission to deliver top quality health and social care services, Northern Trust personnel routinely collect and handle sensitive and confidential patient data
In response to a regional Department of Health mandate to secure all portable computers, all Health and Social Care Trusts were provided with a centrally procured software encryption solution. "We closely reviewed the regional solution, but it wasn't something I was very keen to deploy," said Black. "Given the time required for installation and configuration, we lacked the staff resources to deploy it, which is where the actual costs come in."
Black explored alternative encryption solutions, including other software products. Eventually, he approached Northern Trust's laptop provider, Dell™, about the SED technology it offers as an option on business models. SEDs store encryption keys within the drive hardware itself. Since the keys never leave the drive, SEDs are not susceptible to traditional software attacks. In addition, they have little to no effect on a laptop's operating resources, ensuring ironclad data security that remains transparent to the laptop's end user. Wave's EMBASSY software would enable Northern Trust to activate SEDs within minutes — instead of the hours reported to be required for software-based encryption.
This helped build a secure business case to convince Northern Trust senior executives to make an exception, allowing Black to substitute SED technology in place of the encryption software provisioned centrally to all Northern Ireland's Health & Social Care organisations.
Today, Wave software provides Northern Trust with a centralized platform for enterprise-wide management of its SED-equipped laptops. It allows Black and his staff to establish security policies, limit access to authorized users and provide audit-trail proof that data remains safe in the event of a lost or stolen laptop.
"Our experience with SED-equipped laptops managed by Wave technology has been extremely positive," said Black. "The truth is that it's proved to work every bit as well as we had anticipated it would. We've since invited other organisations to come and look at it: We'll show you how it works. We'll show you that it does work."