NSFT relies on Veeam to ensure the availability of patient data and protect against cyber-attacks

NSFT is entrusted with some of its patients’ most private data. The Trust takes its responsibility seriously, making great efforts to minimize the risk of a data breach.

“Each day up to 5,000 users log into the Trust's clinical and business systems,” said Dave Jones, ICT infrastructure manager at NSFT. “If health workers can’t access our data, it could put patient safety at risk, so the stakes couldn’t be higher. We’ve also seen other healthcare organizations get targeted by cyber-criminals, so we're always looking to improve our data resilience.”

With a lean IT team and limited budgets, NSFT must control the complexity of its IT environment. The Trust set its sights on a powerful data protection solution that was easy to administer. 

NSFT chose Veeam to guard against data loss, empowering its clinicians to deliver an exceptional level of service to people in need.

“We’ve relied on Veeam for more than 11 years now, and it’s never let us or our patients down,” said Jones. “Because we’ve never had any issues with Veeam, we only have contact with them once a year when our annual renewal is due. They provide competitive quotes swiftly every time. We’ve stayed with them this long because of the quality of Veeam technology, which they continue to improve and add features over time.”

Using Veeam, NSFT backs up every application it hosts on-premises. That includes many critical clinical and business systems including ePMA, the digital system it uses to manage prescriptions. With Veeam, backups are completed within a couple of hours overnight, long before clinicians start work in the morning, so there is no risk of them over-running and affecting the experience of staff accessing systems.

“We host apps on-premises or in the cloud based on where they perform best and run the most cost-effectively. For our on-premises environment, we trust Veeam to provide the best possible protection.”

Every month, NHS information governance teams challenge NSFT to restore a random workload. Using Veeam, the Trust has a 100% track record of success. NSFT also had its cyber-resilience strategy reviewed by auditors with excellent results.

“It’s great to get third-party validation of our ability to protect and recover data seamlessly with Veeam,” said Jones. “We implemented immutable backups as soon as Veeam made them available, which enhanced our cyber-security capabilities significantly. NHS organizations are prime targets for cyber-attackers, and having tamper-proof backups helps us live up to the trust placed in us by our patients.”

NSFT is also using Veeam to drive down the management burden on its relatively small IT team, freeing up resources. Specifically, the Trust moved from having one engineer spend half their working day dedicated to backups to a ten-minute daily task.

“We’re able to use the time saved to invest in service innovation for our users,” said Jones. “For example, since deploying Veeam, we’ve enhanced our cybersecurity measures with more patching and proactive scanning of our systems for vulnerabilities. We’ve also accelerated our adoption of Office 365 and implemented Always On VPN, which supported remote access during the pandemic. By freeing us up to better support our users, Veeam contributes to a higher level of patient service.”

• 100% success rate in monthly data restore tests to date demonstrate NSFT’s high level of data resilience.
  “Each month we’re challenged to restore a random data workload and thanks to Veeam, we’ve never failed,” said Jones. “By ensuring our staff have what they need to support our patients, Veeam gives us unbeatable peace of mind.”
• Contributed to NSFT’s auditor-approved cyber-security strategy with immutable backups.
  Veeam ensures that the Trust’s backups are tamper-proof, enabling rapid, comprehensive recovery in the event of a cyber-attack.
• 96% reduction in the time spent managing backups helps optimize utilization of limited resources.
  Using Veeam, NSFT reduced the time spent on backups each day from half a day to ten minutes, freeing up time for the Trust’s busy IT team to spend on service innovation such as accelerating the roll-out of Office 365.