NHS deploys Microsoft threat detection service on just 30,000 devices NHS Digital has yet to explain why it has taken months to roll out Microsoft's Enterprise Threat Detection Service (ETDS) to only about two per cent of the UK health service's targeted installed base. The ETDS element was included in a custom support agreement that covers all NHS orgs in the UK under a framework penned in …
[I do not work for the NHS]
Because you need to be very careful rolling this shit out to make sure you don't fuck up everything else.
The NHS will have thousands of applications and system to test before it can roll out something as invasive as security software.
I'm sure it makes a good headline for you and a nice soundbite for the politicians but you should ethically consider the technicians you are kicking in the bollocks with titles like this.
You be quick enough to flash up a story if they'd delayed operations because a botched roll out of ETDS to 6 millions devices borked 50% of them.
Ivory towers and glass houses etc etc
I do work for the NHS and I'm responsible for the rollout of this on ~2000 devices so it's one OU at a time and the leave the most critical to last. I had an email last week to advise they had seen some data coming through from the 1st test group I did and could I enable it on all devices now - Err, no...
It's not a software install, just a few group policy changes to send crash reports to a different server to normal which can then request addtional data from the device.
I do work for the NHS, now correct me if i'm wrong,
ETDS only provides anything usefull when it gets hold of the slurp stream W10/Sever2012 provides, otherwise its just glorified Windows Error Reporting.
We have looked at WER in the past, but abandoned it due to lack of usefull info, and quite frankly we have more important things to do, like keeping the medical systems running, and deploying the endless stream of MS patches, and sending responses to useless NHS Digital Alerts ....
We have looked at WER in the past, but abandoned it due to lack of usefull info, and quite frankly we have more important things to do, like keeping the medical systems running, and deploying the endless stream of MS patches, and sending responses to useless NHS Digital Alerts ....
Don't forget answering freedom of information requests from companies asking about critical infrastructure, social media etc too! Because they are such a good use of IT resources.
The other point, for those not familiar with how the NHS is setup is that it’s all very well NHS Digital procuring something and declaring that it should be installed, but they’re not the ones doing the installing ... that’ll be the IT staff working for the various Trusts, CSUs, other support organisations etc, who already have full work programmes providing day-to-day support as well as infrastructure upgrades and developments.
So the NHS trust their endpoints with the famous Security company Microsoft?!!?
More likely held to ransom over ever increasing legacy support costs (multi million) and given shoddy MS Endpoint as part of a package...
The security industry is built on Microsoft’s lack of erm... security.
Let’s hope the majority of Trusts are sensible enough not to role it out and god help the NHS/patients next time it is hit with ransomware...
NHS Digital has yet to explain why it has taken months to roll out Microsoft's Enterprise Threat Detection Service (ETDS) to only about two per cent of the UK health service's targeted installed base.
They don't need to explain. It's well known that Windows boxes are everywhere in the NHS. Their enterprise is therefore under threat by definition. Adding more MS crap is really going to improve the situation?
NHS Digital has yet to explain why it has taken months to roll out Microsoft's Enterprise Threat Detection Service (ETDS) to only about two per cent of the UK health service's targeted installed base.
Because it's obviously shite? If one looks up microsoft enterprise threat detection you get blasted with a couple of microsoft sites filled with lots of hollow promises and texts that aren't really saying anything.
Why don't they use an anti-virus/anti-malware provider with a track record, preferably with good detection rates in independent surveys?
"ETDS is just one area of the framework the NHS signed last summer: it provides patches and updates for devices across the sector running various flavours of Windows including XP, Server 2003 and SQL 2005. It runs until summer 2018"
Unfortunately, after a stuttering period between November and January when no new patches for XP or 2K3 were made available by NHS Digital to NHS Trusts who had signed up to the ludicrously bureaucratic NHS CareCERT Collect service, they announced that no new patches for XP would be made available and only patches for 2K3 would continue until July 2018!
commercial sensitivity
At the end of the day its our tax money being spent, who cares who the supplier is, if its funded by taxpayers it should not have costs hidden from them
If NHS digital cannot tease out cost of the (useless) threat detection software from the rest of the contract .. then give us all the contract costs / details.
After all, if its MS providing MS software then we should be told full cost as if anyone can undercut them (given third party folk would have to buy from MS and resell) then it means taxpayer getting truly price gouged.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
