CUSTOMER SUCCESS
Digital Healthcare
Creating Marketplace Efficiencies For The Healthcare Industry
Industry
Digital Healthcare and Medical Technology
Location
HQ Location: U.S.
Challenge
Business and technology innovation was being hampered by traditional legacy security and infrastructure tools. This digital healthcare company required a solution that could quickly and seamlessly accelerate the company’s digital future by migrating securely to a cloud infrastructure.
“We see a tremendous amount of value from the broad range of AWS services that are available. The real power from the cloud can be experienced via a “platform-as-a-service.” You can pick and choose the building blocks and add to the architecture as desired. This provides us the flexibility to innovate and manage. When used in tandem with Contrast Security we can identify vulnerabilities early, protect our applications and sensitive assets, and scale as required.”
Head of Application Security, Data Protection
Digital Healthcare Company
Overview
Solving the Healthcare Access Problem
With approximately 6 million patients that visit this digital healthcare company per month to schedule and book doctor appointments, they strive to adapt, innovate, and modernize the healthcare industry by providing a frictionless healthcare experience for healthcare practitioners and for the 21st century patient. The company started out by focusing on the first step in a patient’s healthcare journey—the effective scheduling and booking of doctor appointments to help solve the ongoing access problem. The company initially focused on private healthcare practices and building a technology solution optimized for that specific use case. They experienced early success, building momentum, and critical mass. The company soon realized that there was a significant opportunity to turn its focus and expand to a larger piece of the healthcare system by addressing the changes in healthcare demands.
Over the last few years, rapid changes in business and digital transformation raised end-user expectations and demanded more flexibility and scalability than traditional on-premises technology and legacy application security tools could deliver. As a result, the company developed a digital strategy to manage this transformation, continue innovating rapidly, and release quality products and services faster. Its key strategic pillars were:
- Scale horizontally
- Diversify the technology stack
- Open Source
- Data Liberation
- Elevate Security
The company realized early on that it needed to migrate its workloads to the cloud and realign its products to the technology advances in the marketplace. They chose to migrate to the cloud via Amazon Web Services (AWS) enabling them to integrate seamlessly with Contrast Security and secure their software applications. Some of the major business drivers that triggered the corporate discussions on quickly migrating to the cloud included the following:
- Greater operational efficiencies, scalability, and flexibility
- Shift in focus to the cloud for greater agility and rapid innovation
- Architectural flexibility not offered via on-premises technology
- Effective compliance and security requirements met
- Security, visibility and granularity within the cloud
Challenges
Solving Patient and Healthcare Provider Problems
In the U.S., the average wait time to see a doctor is approximately 24 days. Furthermore, 30% of the availability goes to waste due to rescheduling, last minute bookings and cancellations. As a result, doctors are being underutilized, while patients do not receive the immediate access to a doctor that they require.
The organization understood that digital transformation was driving the dynamics of business and technology, and the disruptive nature of this new era within the healthcare industry. The company had observed that innovation was being impeded by traditional infrastructure and legacy-based manual security tools. They required a holistic integrated solution that combined key elements such as automation, security protection, optimization and control in order to succeed.
“The digital transformation has allowed us to develop new ways of delivering traditional healthcare services via the cloud.”
– Head of Application Security, Data Protection | Digital Healthcare Company
“Shift & Lift” Cloud Migration Approach
Accelerating their future migration to the cloud is much more than just flipping the proverbial switch. The company is 100% committed to its transition to the AWS cloud platform in order to experience greater productivity and additional benefits of scale and agility. Initially, with no prior background or in-depth experience in the cloud, the company looked for a cloud partner with shared principles including rapid innovation and focus on customer satisfaction. In the process of migrating to the cloud, the organization understood that they needed to ramp up on concepts such as “Infrastructure As Code,” DevSecOps, compliance, and shared security responsibility. Moreover, the company discovered that the easiest and least expensive way to migrate an existing workload to the cloud was to take the workload as-is and run it on cloud-native resources via a “Lift & Shift” approach. In essence, this involved transitioning existing workloads/applications and data from on-premises deployments to the AWS (cloud provider) infrastructure.
In a standard “Lift & Shift” cloud migration, no significant changes to architecture, data flow or authentication mechanisms are required, since the services are simply rehosted in the cloud. Applications are effectively “lifted” from the current environment and “shifted” to the new cloud-hosted framework.
Healthcare Compliance, Certifications and Industry Mandates
The company is firmly committed to meeting the key regulations and industry-defined requirements in order to securely protect sensitive personal health information (PHI). They use Amazon CloudTrail, a service that enables governance and risk auditing to facilitate compliance practices. As a result, the company merits the trust of its patients to manage their care and meet the compliance standard mandates and policies for the healthcare industry (e.g. HIPAA, HITRUST, NIST).
Increasing the scale and sophistication of their security controls, demonstrating a mature security posture and meeting stringent certifications requirements are major differentiators. Moreover, this provides a unique competitive advantage for the company, its patients and healthcare providers.
Shared Security Responsibility
Cloud providers such as AWS operate under a shared responsibility model, whereby both this digital healthcare company and the cloud provider share responsibility for protecting sensitive data assets. The company needed to understand the factors that were specific to the cloud environment and to work towards a solution to address each issue.
One outstanding issue was the risk of data exposure from unencrypted AWS S3 (Storage) buckets, since data can potentially (by default) still be stored unencrypted. Prior to migrating to the cloud, there were policies and processes to enforce encryption at rest. Hence, the organization made sure that bucket encryption was automated in all instances and that any change made to an S3 bucket could be identified and corrected accordingly. The design pattern that they utilized can be replicated for all other S3 concerns. Previously, when on-premises, the company relied on firewalls and network security. In today’s cloud environment, potential threat vectors include sensitive ports exposed to the entire internet, a risk made more likely by the relative ease of spinning up a server. The organization ensured all ports were locked down via auto-correction using technologies they invented and shared with the community as open source.
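The detect-and-correct pattern described above can be sketched as follows. This is an added example, not the company's open-source tooling: it assumes change events arrive in the CloudTrail record layout, all bucket names and group ids are constructed samples, and the action names mirror the boto3 methods `put_bucket_encryption` and `revoke_security_group_ingress` but are only planned here, not executed.

```python
import ipaddress

# Assumption: events follow the CloudTrail record layout (eventSource, eventName,
# requestParameters). All bucket names and group ids below are constructed samples.
SAMPLE_EVENTS = [
    {"eventSource": "s3.amazonaws.com", "eventName": "DeleteBucketEncryption",
     "requestParameters": {"bucketName": "example-phi-archive"}},
    {"eventSource": "ec2.amazonaws.com", "eventName": "AuthorizeSecurityGroupIngress",
     "requestParameters": {"groupId": "sg-0example", "ipPermissions": {"items": [
         {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
          "ipRanges": {"items": [{"cidrIp": "0.0.0.0/0"}]}},
         {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443,
          "ipRanges": {"items": [{"cidrIp": "10.20.0.0/16"}]}}]}}},
    {"eventSource": "s3.amazonaws.com", "eventName": "PutObject",
     "requestParameters": {"bucketName": "example-phi-archive"}},
]


def world_open(perm):
    """True if an ingress rule admits every IPv4 or IPv6 address."""
    cidrs = [r["cidrIp"] for r in perm.get("ipRanges", {}).get("items", [])]
    cidrs += [r["cidrIpv6"] for r in perm.get("ipv6Ranges", {}).get("items", [])]
    return any(ipaddress.ip_network(c, strict=False).prefixlen == 0 for c in cidrs)


def plan_remediation(event):
    """Map one change event to the corrective actions it calls for (may be none)."""
    src, name = event.get("eventSource"), event.get("eventName")
    params = event.get("requestParameters") or {}
    if src == "s3.amazonaws.com" and name == "DeleteBucketEncryption":
        # Policy: every bucket keeps default encryption at rest, so put it back.
        return [{"action": "put_bucket_encryption", "bucket": params["bucketName"],
                 "algorithm": "AES256"}]
    if src == "ec2.amazonaws.com" and name == "AuthorizeSecurityGroupIngress":
        perms = params.get("ipPermissions", {}).get("items", [])
        # Revoke only the world-open rules; scoped rules in the same call stay.
        return [{"action": "revoke_security_group_ingress",
                 "group": params["groupId"], "protocol": p.get("ipProtocol"),
                 "from_port": p.get("fromPort"), "to_port": p.get("toPort")}
                for p in perms if world_open(p)]
    return []


def plan_all(events):
    """Flatten the remediation steps for a batch of events, in arrival order."""
    return [step for e in events for step in plan_remediation(e)]


if __name__ == "__main__":
    for step in plan_all(SAMPLE_EVENTS):
        print(step)
```
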
Security as Code: Automation with Contrast Security and AWS
An innovative, automated blueprint to garner success for the organization was necessary in order to automate, scale, and protect. As the company continues to innovate at breakneck speed, one strategic area of focus has been in deep learning and artificial intelligence. Moving to a secure cloud infrastructure via the “Lift & Shift” approach was identified early on as the most efficient path to remove IT bottlenecks and security barriers. Contrast Security and AWS played a critical role in allowing the organization to move rapidly while allocating resources more effectively and securing assets.
Results
The Doctor will See You Now
Contrast Security and AWS enabled this digital healthcare company to employ a more layered security posture than they had previously, helping them transition more securely to the cloud. The organization’s synchronous technology has significantly reduced patient wait time to just 24 hours. This has helped redefine them as they expand their footprint.
- Reduced costs and greater operational efficiencies
- Less time and cost maintaining their infrastructure
- Reached the highest levels of compliance in healthcare (SOC 2 Type II, HITRUST)
- Reduced the inefficiencies of manual work through automation
- Drove further innovation enabling the business
As a Digital Healthcare and Technology company providing online medical care, appointment, and booking scheduling services, the organization has ambitions to optimize and elevate the patient and healthcare practitioner experience. By migrating and utilizing Amazon Web Services (AWS), the company was able to achieve these goals with flexibility, reliability, security, compliance, and scalability. The AWS offerings have helped the company launch and integrate new applications quickly and effectively, accelerating time-to-market and providing a key competitive advantage. Implementing Contrast as part of their DevSecOps initiatives enabled the company to further integrate security into existing Agile and DevOps workflows and tools. This allowed them to secure and protect patient and healthcare practitioner data, innovate and deliver products and services to the marketplace much faster, more securely, and at reduced cost.
Amazon Web Services (AWS) Products & Services Used
- AWS GuardDuty
- AWS S3 buckets
- CloudTrail
- CloudWatch
- Dynamo
- EC2 (Servers)
- ElastiCache
- Elasticsearch
- Fargate
- Kinesis
- Lambda
- RDS
- Redshift
Contrast Security Products Used
- Contrast Assess
Contrast Integrations
- AlienVault
- TeamCity
- Slack