Weill Cornell Medical College Relies on Rapid7 Nexpose for a Secure Environment

• Cybersecurity & Privacy - Endpoint Security
• Cybersecurity & Privacy - Network Security
• Cybersecurity & Privacy - Security Compliance

• Business Operation
• Facility Management

• Software Design & Engineering Services
• System Integration

Weill Cornell Medical College, located separate from the main university campus, serves as an academic medical center requiring HIPAA compliance. They have complex IT security needs and needed a solution to prioritize and protect from threats as well as grow with the college.

Weill Cornell Medical College is a prestigious academic medical center located in New York City, distinct from the main university campus in Ithaca. The IT staff at Weill Cornell operates with a high degree of independence, managing a diverse and demanding set of computer operations. The college not only supports its own administrative departments but also extends its IT services to NewYork-Presbyterian Hospital. This dual responsibility necessitates a robust and secure IT infrastructure capable of meeting the stringent regulatory requirements of both higher education and healthcare sectors, including HIPAA compliance. The college's IT environment is complex, involving multiple platforms such as UNIX, Windows, Mac, Linux, and OS-10 servers, which require comprehensive and continuous security management.

Weill Cornell Medical College implemented Rapid7 Nexpose to address their complex IT security needs. The solution simplified the scanning process and provided better visibility into their network. Automated functions like calendaring allowed for precisely timed scans without requiring manual intervention from engineers. The Rapid7 support team assisted with the installation, and within a week, the college was receiving meaningful information about their systems. By the end of the first month, they were scanning all necessary systems across their network. The core strengths of Rapid7 Nexpose include its thoroughness, ability to update itself automatically, and its comprehensive reporting capabilities. These features enable Weill Cornell to prioritize and remediate risks effectively, ensuring that their IT infrastructure remains secure and compliant with regulatory requirements.

• The implementation of Rapid7 Nexpose significantly improved productivity by automating the scanning process, reducing the time required for manual scans to nearly zero.
• The calendaring feature of Rapid7 Nexpose allowed for precise scheduling of scans, ensuring that they were conducted at the optimal times without manual intervention.
• The software's ability to update itself automatically and generate comprehensive reports made it easier for IT staff to prioritize and address security vulnerabilities.

• Zero time taken to do scans with the calendaring feature.
• Approximately 1,000 systems scanned every week.