IOT on Main Street
Malwarebytes Threatdown Advanced

IOT on Main Street and Threatdown by Malwarebytes have forged a groundbreaking collaboration aimed at fortifying cybersecurity in healthcare facilities through cutting-edge endpoint security solutions. By integrating Threatdown’s advanced threat detection capabilities with IOT on Main Street’s expertise in Internet of Things (IoT) technology, healthcare facilities can now proactively safeguard their digital infrastructure against malicious cyber attacks. This partnership not only bolsters the resilience of critical healthcare systems but also underscores a collective commitment to prioritizing patient data privacy and safety in an increasingly interconnected world.

Threatdown Healthcare Case Study

Central Virginia Health Services deploys preventive medicine for malware

Malwarebytes automatically detects and remediates malware for proactive protection

Business profile

Central Virginia Health Services, Inc. is a community- based, nonprofit organization. Each year, its skilled, compassionate professionals provide care for more than 40,000 patients in a safe, trusted environment. The organization’s IT team takes a proactive approach to maintaining the health of its infrastructure and computer endpoints, which is why they chose Malwarebytes.

Business challenge

Taking the proactive approach

Central Virginia Health Services provides medical, dental, pharmacy, behavioral health, and radiology services through 16 locations across the state. The closest location to headquarters is at least 30 minutes away—the furthest location is more than three hours away. Physicians, dentists, nurses, front desk staff, and administrative staff rely on their computers to deliver quality patient care. The organization’s McAfee antivirus solution was missing a growing stream of malware that arrived via web browsing and email messages. Users would call the IT team to report that their systems were running slowly, they were constantly interrupted by pop- ups, or they were receiving messages that they needed to purchase new antivirus software.

Malware infections affected everyone’s productivity. It was not realistic for the IT team to travel to multiple locations simply to check a system for malware.

“Medical facilities and social services agencies frequently are hit by malware, and it has devastating impact,” said Salonge Crenshaw, IT Administrator for Central Virginia Health Services. “We wanted to proactively prevent infection, avoid malware-related disruptions, and reduce risk to our operations.”





Proactively prevent disruption and system damage due to malware


McAfee antivirus, layered enterprise security


Malwarebytes Endpoint Security


Stopped and remediated malware

Simplified endpoint security management across statewide locations

Accelerated troubleshooting and reduced disruption to users

Enabled IT team to reclaim valuable time by stopping malware-related calls from users

Healthcare Case Study

The solution

Malwarebytes Endpoint Security

Crenshaw and many of the organization’s executives had previous experience with Malwarebytes, so the IT team conducted a trial on 50 systems. Malwarebytes Endpoint Security includes a multi-layer defense model that breaks the attack chain by combining advanced malware detection and remediation, malicious website blocking, ransomware blocking, and exploit protection into a single solution. The product’s effectiveness, combined with the Malwarebytes Management Console, made the decision easy.

“Malwarebytes really performed well,” said Crenshaw. “I can easily push it out and monitor every endpoint. We deployed Malwarebytes on all of our endpoints and servers.”

Stops malware

“Malwarebytes stops malware,” said Crenshaw. “Now I can catch a threat before it has any effect on a server or endpoint. It works.”

When a user downloads a toolbar or inadvertently clicks on a malicious ad, it immediately shows up in the management console. Crenshaw knows exactly which system has quarantined the malware, so she simply scans the system and removes it. Malwarebytes’ multi-vector protection catches malware, Trojans, ransomware, and nuisanceware in the background, so users are not disrupted and the IT team doesn’t have to intervene manually. Consolidated threat views and reporting in the Management Console also enables scalable endpoint management.

“I have endpoints grouped by location in the Management Console,” said Crenshaw. “I can monitor dozens of systems at the same time, see exactly what’s going on, and not have to wait until someone calls me to try and figure out what is happening.”

Reduces disruption

Crenshaw said that the number of calls she’s received in the past six months she can count on one hand. Usually, the user has not restarted the system for several days, which kept it from being automatically updated by Malwarebytes. A quick look at the Management Console and Crenshaw knows immediately. After restarting the system, the user is fine.

“Malwarebytes just takes care of malware, so users aren’t calling with those complaints anymore,” said Crenshaw. “It has freed up a tremendous amount of time. It’s really a phenomenal product.”


What is HIPAA?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. The US Department of Health and Human Services (HHS) issued the HIPAA Privacy Rule to implement the requirements of HIPAA. The HIPAA Security Rule protects a subset of information covered by the Privacy Rule.

What is PHI?

PHI stands for Protected Health Information.

The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes.

What is a Business Associate Agreement (BAA)?

A “business associate” is a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of or provides services to a covered entity.

Why Does Malwarebytes Not Sign a BAA?

**Malwarebytes does not expect to receive nor need to receive any PHI.**

Persons or organizations are not considered business associates if their functions or services do not involve the use or disclosure of protected health information and where any access to protected health information by such persons would be incidental, if at all.

Business associate functions and activities include: claims processing or administration; data analysis, processing or administration; utilization review; quality assurance; billing; benefit management; practice management; and repricing. Business associate services are: legal; actuarial; accounting; consulting; data aggregation; management; administrative; accreditation; and financial. See the definition of “business associate” at 45 CFR 160.103.

What Does HIPAA Say About Ransomware?

Ransomware is a type of malware (malicious software), different from malware. Hackers try to deny access to user data by encrypting the data using a key known to them only until a ‘ransom’ is paid. Hackers may deploy ransomware with other malware to destroy data.

How Does ThreatDown EDR Aid in HIPAA Compliance?

HIPAA Requirement 164.308(a)(1): Policies and procedures to prevent, detect, contain, and correct security violations.

ThreatDown EDR prevents, detects, contains, analyzes, remediates, and rolls back security violations associated with malware attacks on Nebula-managed endpoints.

HIPAA Requirement 164.308(a)(5)(ii)(B): Procedures for guarding against, detecting, and reporting malicious software.

ThreatDown EDR, available on Windows, Mac, and Linux, includes anti-tamper capabilities, preferred configuration for Nebula management console, and robust threat prevention, detection, and reporting via the Malwarebytes Nebula. Malwarebytes Nebula platform integrates with SIEM solutions via secure transfer of Syslog to enable supplemental log aggregation and alerting.

HIPAA Requirement 164.308(a)(6)(ii): Identify and respond to suspected or known security incidents; mitigate, to the extent practicable, harmful effects of security incidents that are known to the covered entity or business associate; and document security incidents and their outcomes.

ThreatDown EP/EDR solution identifies both previously known and unknown malware. Once malware is detected, it is automatically quarantined and removed. The Nebula platform allows for generating a report summarizing the threats and actions taken.