Q1 Labs Selected By Four Healthcare Institutions to Protect Their Networks

Q1 Labs(TM), (www.q1labs.com), a leading network security company, today announced that four healthcare organizations have selected its QRadar(TM) software to provide surveillance, analysis and control of their networks and to facilitate HIPAA compliance. The most recent list of healthcare-industry customers using the QRadar product includes:

— Borgess Health Alliance
— M-CARE
— Rex Healthcare
— San Francisco Department of Public Health

By April 2005, healthcare organizations must comply with all provisions of the HIPAA Security Rule. The Security Rule’s many requirements include detecting and stopping network intrusions and unauthorized access to confidential information, protection against malicious software like worms and the implementation and enforcement of formal security policies and procedures. The Q1 Labs’ flagship product, QRadar, delivers a comprehensive network security solution that can help healthcare organizations comply with key provisions of the HIPAA Security Rule. QRadar provides a unique solution that continuously monitors and audits network behavior and identifies inappropriate and non-compliant internal or external activity.

“QRadar is a key piece of our plans for achieving full compliance with the HIPAA Security Rule. Other security and network infrastructure technologies that Borgess evaluated did not have the range of internal security capabilities, auditing controls and behavioral mechanisms necessary to meet important provisions of HIPAA,” said Robert Brown, Ph.D, director of information security, privacy and HIPAA compliance for Borgess Health Alliance. “With QRadar, Borgess can detect and investigate significant events occurring anywhere in our network of over 3000 computers. We have already used the software to stop two virus/worm outbreaks within minutes of the first PC on the network getting infected. One of these events was a worm for which updated signature files for our virus checking software had not even been released, let alone loaded onto our machines. QRadar will be critical for detecting and containing zero-day exploits and other threats that get past older protection technologies like firewalls and virus checkers.”

QRadar: A Key Product to Assist in HIPAA Security Rule Compliance

QRadar provides healthcare organizations with ten ways to comply with HIPAA’s Administrative Safeguard Requirements and Technical Safeguard Requirements. It does so through a complete network security overview, enhanced by behavior-based, real-time analysis. QRadar profiles the behavior of systems, applications and users, learns normal patterns and recognizes anomalies–whether they originate from security breaches or internal network misuse. QRadar quickly isolates the source and identifies corrective measures for the critical dangers that might lead to HIPAA non-compliance. It provides:

— Continuous activity monitoring, without installing server or desktop agents or altering existing applications.
— Comprehensive auditing of all transactions traversing a health care organization’s network.
— Real-time access to months of activity for rapid incident response.
— Comprehensive auditing of all transactions entering a healthcare organization’s network that obviates the need to rely on limited and cryptic firewall logs.
— Real-time threat and risk analysis for internal and external threats coupled with historical reporting that documents changes to threat and risk posture.
— Continuous tracking of inappropriate internal activity, such as insider attacks, stealthy scans and inappropriate attempts to access electronic protected health information (EPHI) servers.
— Detection of new and unidentified external threats, such as worms and Trojans that could initiate a malicious disclosure of EPHI.
— Alerting for violations of internal policies, such as non-compliant application usage. — Automatic detection of new assets (e.g. servers) that should be classified and assessed for regulatory compliance.
— Detection of HIPAA-compliance violations like clear-text passwords.

“The response Q1 Labs has received from the healthcare industry validates QRadar’s ability to help customers resolve security incidents, monitor all internal and external activity and provide clear audit trails that meet HIPAA Security Rule requirements,” said Shaun McConnon, CEO of Q1 Labs. “With no need to deploy agents or modify applications, the QRadar product is simple to deploy and inexpensive to maintain.”

For more information about how Q1 Labs can help companies comply with the HIPAA Security Rule, a whitepaper, titled “Demonstrating HIPAA Security Rule Compliance,” is available for download at http://www.q1labs.com/resources/white_papers.html.

About Q1 Labs

Commanding a unique position at the nexus of security and the network, Q1 Labs provides organizations with the surveillance, analysis and control technology needed to eliminate external threats and internal policy enforcement risks. Q1 Labs’ innovative product, QRadar, features intelligent, behavior-based, real-time analysis that recognizes and isolates the source of threats and anomalous behavior caused by security breaches or unacceptable internal activity. Q1 Labs’ installed base of customers includes government agencies, academic and financial institutions, energy, service providers and healthcare providers. Recent Q1 Labs accolades include winning Network Computing’s prestigious “Well-Connected” award, being named to the Red Herring 100, achieving five stars in a recent SC Magazine review, the top grade in a Secure Enterprise review, and selection as a “Hot Pick” in Information Security Magazine. Led by a strong and seasoned security management team and based in Waltham, MA, Q1 Labs has raised more than $29 million from Menlo Ventures, Polaris Venture Partners, Globespan Capital Partners, BDC Venture Capital and the New Brunswick Investment Management Corporation. For more information please visit http://www.q1labs.com or call 1-781-250-5800.

Copyright(C) 2004 Q1 Labs Inc, QVISION and QRadar are trademarks of Q1 Labs Inc. All other trademarks, registered trademarks and service marks are the property of their respective owners