With around 170 healthcare facilities nationwide, Asklepios is one of the largest private clinic operators in Germany. Their strategic focus is developing future-oriented medicine for all patients of the highest quality standards. The Asklepios Clinics Group includes hospitals, specialist clinics, psychiatric clinics, medical care centres, as well as post-acute and rehabilitation clinics. Organizations in the healthcare sector are faced with the challenging task of meeting highly complex requirements for IT password management. They must be able to manage, monitor and control privileged credentials and control access to on-premises, cloud and hybrid infrastructures.The IT devision of Asklepios Kliniken uses BeyondTrust Password Safe for efficient and secure password storage, session management and allocation of credentials.
In the Asklepios Kliniken group of companies, internal IT employees require protected access to server systems. In order to comply with comprehensive compliance guidelines, legally compliant logging of all administrative work is indispensable. “As an integrated, digital health group, we must always be able to track who worked with which server and when, even with external partners,” emphasized Felix Diroll, Head of Server Team of the IT division at Asklepios Kliniken. “Together with the highly specialized IT service provider N3K Informatik GmbH, we have found the right security solution that enables policy-compliant management of passwords and user privileges.”
BeyondTrust Password Safe can discover, manage, and monitor all privileged credentials, as well as ensure complete control and traceability of privileged accounts. This allows the Asklepios clinics to ensure the protection of passwords and login data that provide access to business-critical IT systems. As part of the ISO certification criteria, assigned passwords expire after a specific time
The enterprise solution provides full logging of all activities and sessions to meet IT compliance requirements, ensuring easy deployment, use, and maintenance with reliable automation. To meet compliance guidelines and forensic analysis at Asklepios Kliniken, the activities and meetings requiring documentation can be logged and monitored in consultation with the works council. To comply with the legal archiving obligation, data is stored tamper-proof for ten years and then completely deleted.
BeyondTrust helps Asklepios comply with IT security standards even in decentralized business environments. Password Safe works with a wide variety of clients to exchange passwords on the selected target systems and assign permissions. The solution also solves challenges in the rotation and assignment of privileged access data at remote locations.
As typical for hospitals, clinics, and the entire healthcare sector, Asklepios must also enforce the highest security standards in terms of data storage and treatment of personal information. The legal and industry-specific requirements for reliability and fire protection, for example, stipulate that the hardware servers used must be protected at different locations and even against aircraft crashes.
BeyondTrust integrates seamlessly into this particularly demanding IT landscape and meets the relevant certifications and criteria catalogs. With Password Safe, IT managers who work throughout Germany can intelligently organize their IT assets and accounts, reduce manual effort and maintain security control over their IT systems.
In the first phase, Password Safe was deployed on 600 IT systems to simplify management of credentials. Based on the positive practical experience with the credential management and automation functions on different platforms, Asklepios decided after six months to expand the implementation to over 3,000 systems.
In the next phase, the holistic approach of the solution to privileged access management (PAM) is to be more closely integrated to accompany remote access by external users with administrative rights in accordance with the guidelines.