Welcome to the latest edition of AEP Networker. This issue focuses on examples of how customers have used the AEP Networks' solutions.

Pat Donnellan, CEO

Durham County Council of the United Kingdom, in partnership with the National Health Service (NHS), adopted the AEP Netilla Security Platform (NSP) to provide staff with a secure and easy way to access business applications from multiple office locations.

In an effort to reduce IT procurement, installation and administration costs, Durham County Council and the NHS partnered to share applications and services, hosting them on a common network. It quickly became evident that the existing single server solution delivering a thin client environment was unable to cope with the increased traffic. Additionally, external network access made security a top priority.

Durham County Council chose to minimize security threats by implementing an SSL VPN gateway solution that reduces the number of open ports to the SSL port only, offering significantly enhanced security and easier management. An SSL VPN would also allow application delivery without having to install software on hundreds of PCs located at numerous County Council and NHS office locations.

Using the NSP, these organizations have greatly enhanced security while making network administration and management easy and less resource intensive.

EpicTide, Inc. and AEP Networks now offer a joint solution for HIPAA compliance.

In recent years, healthcare providers have streamlined processes by offering their partners secure access to sensitive applications. Now, healthcare providers want to streamline existing processes for HIPAA privacy audits involving those applications. AEP and EpicTide have addressed these needs by integrating AEP’s remote access solution with EpicTide’s auditing and log centralization solution. For the first time, healthcare organizations can create a comprehensive forensic audit trail across all of their applications and systems, including their VPN. The combined solution also enables organizations to produce analytics such as detailed trending on application access and security related events.

Bayfront Health System used the solution to streamline HIPAA privacy audits and produce a comprehensive forensics trail across all applications and systems, resulting in improved information security responsiveness and sustainable, affordable compliance.

AEP Networks and HealthCast Inc. created a joint solution that secures and controls external access to patient accounts receivable information. The AEP/HealthCast solution provides financial service companies that contract with hospitals secure, web-based read/write access to patient billing records while meeting the demands of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The solution was installed at Temple University Hospital, a hospital within the Temple University Health System (TUHS).

TUHS employs outside financial agencies to collect over-due patient account receivables. Temple University Hospital wanted to computerize its paper system and provide remote access to the system for its various billing agencies, but knew it must find a cost-effective solution that would comply with HIPAA privacy laws. The hospital chose the AEP/HealthCast solution (the Patient Data Browser from HeathCast in conjunction with the AEP Netilla Security Platform) because it followed security regulations by requiring unique authentication by each user while controlling access to only specific authorized patient information. The solution also audits all user activity, including accessed records.

The AEP/HeathCast solution can be used by a variety of financial services and clinical groups within the hospital or outside service providers.

In today's edition of 'Product Corner' we answer your questions about AEP Keyper Enterprise.

What is AEP Keyper?
AEP Keyper is a Hardware Security Module (HSM) that securely generates, stores, manages and enables the use of cryptographic keys. AEP Keyper is primarily used by larger enterprises that serve as their own trusted certification authority and, thus, need to generate their own keys and certificates for security applications. The AEP Keyper product suite spans Enterprise, Professional and PCI models. AEP Keyper can be deployed standalone within an enterprise network or in tandem with AEP Net highly secure VPN encryptors.

Is AEP Keyper certified?
The Keyper Enterprise cryptographic HSM has been certified to U.S. FIPS (Federal Information Processing Standards) 140-2 Level 4, the highest-possible accreditation level. This certification means that network security administrators can use Keyper Enterprise to generate, store and use high-quality cryptographic keys with the assurance of full FIPS compliance. FIPS 140-2 Level 4 certifies Keyper’s automatic key deletion upon tamper detection, its hardware-seeded random number generator, its key management and its algorithm implementations. AEP Keyper Enterprise is the only cryptographic HSM on the market today that meets the rigorous requirements of the FIPS 140-2 Level 4 standards.

What is FIPS?
FIPS standards, issued by the U.S. National Institute of Standards and Technology (NIST), specify IT security guidelines for U.S. government agencies; FIPS standards are also widely followed by other government organizations, financial institutions and commercial enterprises around the world. Who uses AEP Keyper?

Since its inception in 2000, AEP Keyper has been deployed in public- and private-sector enterprises in the U.K., U.S., Australia, Japan, Singapore and Europe; governmental applications have involved defense, revenue and taxation, treaty monitoring and space systems.