Locking down the network can be especially tough for health-care organizations, with their typical mix of paper and electronic records, the need for long record retention, and the move to digital imaging. With the passage of the Health Insurance Portability and Accountability Act (HIPAA) security rule last April, protection of electronic records has been shoved to the forefront. (HIPAA's privacy rule has been in effect for several years, depending on the size of the organization.)
For a health-care organization such as Kettering, HIPAA is huge, with specific security and patient privacy stipulations. Thanks to the regulation, which Burritt loves, by the way, Kettering underwent a major overhaul of its security infrastructure earlier this year, selecting and installing a variety of Symantec products and services for intrusion prevention, policy compliance, and client security.
It can be done, it can be used to drive new and better ways to do things, and you can get your front-line workers onboard.