Insurance & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


05:10 PM
Phil Britt
Phil Britt
Connect Directly


Blue Cross of Idaho taps Network Chemistry application to control rogue wireless usage.

Despite the increasing popularity of wireless technology, Meridian, Idaho-based health insurer Blue Cross of Idaho (BCI; nearly $960 million in annual premium) had never installed a wireless network in its three offices. "Our people don't have any need for wireless communications, so we've had a policy for several years that wireless is not permitted," explains Jan Marshall, BCI's manager of technical and network services. "The No. 1 concern is security of information."

That is especially the case for personal health information, the protection of which is guaranteed by HIPAA, Marshall adds. Of course, a policy was no guarantee that individuals weren't setting up their own wireless local area networks. Accordingly, "Every six months [the carrier's auditors] were asking us what we were doing to enhance network security," including protecting against wireless access, Marshall says.

BCI was challenged with not only dealing with the possibility of employees' illegitimate use of wireless, but also enabling legitimate use simultaneously. Visitors, such as equipment vendors, typically need the wireless-enabled laptops they carry in order to communicate with their home offices via e-mail, so they're not asked to turn off the devices, Marshall relates.

Wireless jamming/blocking devices have been available for a few years, but those devices would likely interfere not only with unauthorized wireless communications within BCI's offices, but also with legitimate wireless communications at nearby businesses, rendering those types of devices unusable as far as Marshall was concerned. "We didn't want to jam others," he says. "We wanted to be a good neighbor."

Marshall began a search for acceptable wireless-signal detection technology in the second half of 2005 and reserved funding for the solution for the 2006 calendar year budget. "We did a lot of research on the Web. We were looking for a solution that offered simplicity and flexibility at a low cost," Marshall says. "We narrowed it down to one system that we felt was a good fit."

That system was the RFprotect Distributed wireless intrusion detection and protection (WIDP) system from Network Chemistry (Redwood City, Calif.). The insurer chose and installed the product in the second quarter of 2006. The system features sensors that scan all wireless channels and perform complete detailed session analysis at the edge of the network around the clock, according to Marshall.

Each sensor covers about 20,000 square feet. Blue Cross is using 20 sensors, which are located in drop ceilings across the insurer's offices in Meridian. Each of the sensors communicates with a centralized security server, Microsoft (Redmond, Wash.) Windows-based hardware that the carrier already possessed. If a sensor detects a threat, it sends an alert to the security server, which automatically removes the rogue device from the network.

The entire system cost Blue Cross a little under $35,000, Marshall says. In addition to the cost of the system, the insurer also added additional wiring for the sensors themselves. The wiring took about a week, according to Marshall, and was the most time-consuming part of getting the system up and running.

Marshall notes that he has tested the system by occasionally turning on a wireless device in various parts of BCI's offices. The RFprotect Distributed system was able to immediately identify and block the wireless device without fail, he asserts.

Network Management


Blue Cross of Idaho (Meridian, Idaho; $960 million in premium).

lines of business

Health insurance.


RFprotect from Network Chemistry (Redwood City, Calif.).


Ensure no wireless devices are connected to the network.

Register for Insurance & Technology Newsletters