Cisco UK & Ireland Blog

Why we’ve loved helping secure data, devices and operations across Scotland’s largest health board  

August 23, 2019

John Shaw


John Shaw from our Scotland team discusses what makes a successful  security implementation, why security is particularly critical for health and care organisations like NHS Greater Glasgow and Clyde – and why implementations like this matter so much to us.


Security across the board

Cybersecurity breaches, malware, ransomware, hacking, phishing… as we’ve become increasingly connected in every area of our work and lives, so has the potential for security compromise.

But when you’re one of the biggest NHS health and care organisations in the UK and the largest health board in Scotland; keeping people, data, devices and networks secure takes on a whole new meaning.

With nearly 40,000 staff delivering healthcare services to a population of over a million; maintenance and availability of clinically critical IT functions all day, every day is essential for NHS Greater Glasgow and Clyde (NHSGGC). Add multiple sites – including open sites – to the mix and you’ll get an idea of the day-to-day security challenges faced by the ICT/IT team, which includes Head of E-health Operations Calum Morrison and Alex Rough, Technical Services Manager.

Balancing data access with data safety – and user experience

For any healthcare organisation, accessing and sharing confidential information is vital for effective care delivery. But keeping sensitive patient data safe and accessible only to the right people is equally important.

Getting the balance right is hard, particularly when the sector remains vulnerable to hackers and other security breaches. This was a major consideration as NHSGGC started to realign its e-health organisation and look to overhauling its security posture.

And like most NHS ICT departments, being short on both resources and time meant that any new security solution had to maximise security while maintaining operational simplicity – and with no negative impact on hard pressed staff, such as slowing down PCs or other devices.

Maximum security, minimum impact, ‘astonishing’ capability

So, we were delighted when Calum, Alex and the team turned to us. In response, we developed a security enterprise agreement (EA) covering Glasgow, Lothian, Tayside – 50% of Scotland in fact. NHSGGC then selected products and services from the EA; more information on this can be found here. From there, deployment was relatively quick as the team was keen get started.

And since then, there has not been a single security incident or adverse event.

The team can now detect and quickly respond to phishing and other email-related threats, while also knowing they protected against advanced threats like ransomware. And improved visibility means they can identify and deal with any threats anywhere as they appear.

For Calum, our security reporting capabilities are ‘astonishing’, which is music to our ears. He also notes that the suite’s inherent functionality has “almost entirely removed some of the previous pain points” while also offering insights into potential issues they might not have known about before.

As Alex puts it: ‘…it’s the closest thing to taking the worry out of cybersecurity”. It also allows the team more time to focus on other areas of their work, giving them back precious time.

From our perspective

It takes a whole team to successfully complete an implementation on this scale – too many people to mention here. However, the sterling work of our colleagues at Capita – Scotland Partner of the year – played a vital role, alongside our own security expert Steve McKee, who worked ceaselessly to get the job done to the best of our capabilities.

It’s great for us as individuals and the whole Scotland team when we win a deal. And it’s heartening when an implementation goes well with no hitches.

However, what really matters to me/us is when we take our technology into a public sector organisation and within a short space of time its users start deriving benefits that save them time, money and improve their working conditions. Even better, when those benefits have wider implications, contributing to the effective delivery of patient care.

We’ve given the team greater reassurance about the vast amount of patient information contained across their organisation, and those clinically critical solutions that are imperative to both care delivery and people’s day to day work.

That’s why deployments like this matter so much to us.

However, the final word must go to NHSGGC’s Alex Rough (video spoiler alert):

“Using the Cisco product set is the closest thing to taking the worry out of cybersecurity and we can get on with other stuff – and that for us is a huge gain”.

Which is the very best reaction any security technology vendor can ever hope to hear.


Find out more about our security and our health and care solutions –  and don’t forget to visit our dedicated health and care security webpage.


Leave a comment