"We see a tremendous amount of value from the broad range of AWS services that are available. The real power from the cloud can be experienced via a “platform-as-a-service.” You can pick and choose the building blocks and add to the architecture as desired. This provides us the flexibility to innovate and manage. When used in tandem with Contrast Security we can identify vulnerabilities early, protect our applications and sensitive assets, and scale as required.” – Head of Application Security, Data Protection | Digital Healthcare Company
With approximately 6 million patients that visit this digital healthcare company per month to schedule and book doctor appointments, they strive to adapt, innovate, and modernize the healthcare industry by providing a frictionless healthcare experience for healthcare practitioners and for the 21st century patient. The company started out by focusing on the first step in a patient’s healthcare journey—the effective scheduling and booking of doctor appointments to help solve the ongoing access problem. The company initially focused on private healthcare practices and building a technology solution optimized for that specific use case. They experienced early success, building momentum, and critical mass. The company soon realized that there was a significant opportunity to turn its focus and expand to a larger piece of the healthcare system by addressing the changes in healthcare demands.
Over the last few years, rapid changes in business and digital transformation raised end-user expectations and demanded more flexibility and scalability than traditional on-premises technology and legacy application security tools could deliver. As a result, the company developed a digital strategy to manage this transformation, continue to innovate rapidly, and release quality products and services faster. The key strategic pillars for them were built on the following:
The company realized early on that it needed to migrate its workloads to the cloud and realign its products to the technology advances in the marketplace. They chose to migrate to the cloud via Amazon Web Services (AWS) enabling them to integrate seamlessly with Contrast Security and secure their software applications. Some of the major business drivers that triggered the corporate discussions on quickly migrating to the cloud included the following:
In the U.S., the average wait time to see a doctor is approximately 24 days. Furthermore, 30% of the availability goes to waste due to rescheduling, last minute bookings and cancellations. As a result, doctors are being underutilized, while patients do not receive the immediate access to a doctor that they require.
The organization understood that digital transformation was driving the dynamics of business and technology, and the disruptive nature of this new era within the healthcare industry. The company had observed that innovation was being impeded by traditional infrastructure and legacy-based manual security tools. They required a holistic integrated solution that combined key elements such as automation, security protection, optimization and control in order to succeed.
“The digital transformation has allowed us to develop new ways of delivering traditional healthcare services via the cloud.” – Head of Application Security, Data Protection | Digital Healthcare Company
Accelerating their future migration to the cloud is much more than just flipping the proverbial switch. The company is 100% committed to its transition to the AWS cloud platform in order to experience greater productivity and additional benefits of scale and agility. Initially, with no prior background or in-depth experience in the cloud, the company looked for a cloud partner with shared principles including rapid innovation and focus on customer satisfaction. In the process of migrating to the cloud, the organization understood that they needed to ramp up on concepts such as “Infrastructure As Code,” DevSecOps, compliance, and shared security responsibility. Moreover, the company discovered that the easiest and least expensive way to migrate an existing workload to the cloud was to take the workload as-is and run it on cloud-native resources via a “Lift & Shift” approach. In essence, this involved transitioning existing workloads/applications and data from on-premises deployments to the AWS (cloud provider) infrastructure.
In a standard “Lift & Shift” cloud migration, no significant changes to architecture, data flow or authentication mechanisms are required, since the services are being rehosted on the cloud. Applications are effectively “lifted” from the current environment and “shifted” to the new cloud-hosted framework.
The company is firmly committed to meeting the key regulations and industry-defined requirements in order to securely protect sensitive personal health information (PHI). They use Amazon CloudTrail, a service that enables governance and risk auditing to facilitate compliance practices. As a result, the company merits the trust of its patients to manage their care and meet the compliance standard mandates and policies for the healthcare industry (e.g. HIPAA, HITRUST, NIST).
Increasing the scale and sophistication of their security controls, demonstrating a mature security posture and meeting stringent certifications requirements are major differentiators. Moreover, this provides a unique competitive advantage for the company, its patients and healthcare providers.
Cloud providers such as AWS possess a shared responsibility model, whereby both this digital healthcare company and the cloud provider have a shared responsibility to protect sensitive data assets. The company needed to understand the types of factors that were specific to the cloud environment and to work towards a solution to address each issue.
One outstanding issue was the risk of data exposure from AWS S3 (storage) buckets, since data can potentially (by default) still be stored unencrypted. Prior to migrating to the cloud, there were policies and processes to enforce encryption at rest. The organization therefore automated bucket encryption in all instances and made sure it could identify any change made to an S3 bucket and correct it accordingly. The design pattern that they utilized can be replicated for all other S3 concerns. Previously, when on-premises, the company relied on firewalls and network security. In today’s cloud environment, potential threat vectors include sensitive ports: because it is relatively easy to spin up a server, those ports can end up exposed to the entire internet. The organization ensured all ports were locked down via auto-correction using technologies they invented and shared with the community as open source.
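The detect-and-correct pattern described above can be sketched as a function that maps CloudTrail records to corrective actions. This is an added example, not the company's open-source tooling: it only builds a plan (no AWS calls), the field names follow the CloudTrail record layout, and the bucket name, security group id and the choice of `aws:kms` as the enforced algorithm are constructed assumptions.

```python
# Added example: map CloudTrail records to corrective actions (plan only, no AWS calls).
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

# Constructed sample records, trimmed to the fields used below.
SAMPLE_EVENTS = [
    {"eventSource": "s3.amazonaws.com", "eventName": "DeleteBucketEncryption",
     "requestParameters": {"bucketName": "example-phi-bucket"}},
    {"eventSource": "ec2.amazonaws.com", "eventName": "AuthorizeSecurityGroupIngress",
     "requestParameters": {"groupId": "sg-0example", "ipPermissions": {"items": [
         {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
          "ipRanges": {"items": [{"cidrIp": "0.0.0.0/0"}]}},
         {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443,
          "ipRanges": {"items": [{"cidrIp": "10.0.0.0/8"}]}}]}}},
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "requestParameters": {"bucketName": "example-phi-bucket"}},
]


def _open_rules(params):
    """Yield ingress rules in the request that allow any IPv4 or IPv6 source."""
    for perm in (params.get("ipPermissions") or {}).get("items", []):
        v4 = [r.get("cidrIp") for r in (perm.get("ipRanges") or {}).get("items", [])]
        v6 = [r.get("cidrIpv6") for r in (perm.get("ipv6Ranges") or {}).get("items", [])]
        exposed = sorted(OPEN_CIDRS.intersection(v4 + v6))
        if exposed:
            yield {"protocol": perm.get("ipProtocol"), "from_port": perm.get("fromPort"),
                   "to_port": perm.get("toPort"), "cidrs": exposed}


def plan_remediation(event):
    """Return the corrective actions for one CloudTrail record (empty if none)."""
    if event.get("errorCode"):  # the API call failed, so nothing changed
        return []
    source, name = event.get("eventSource"), event.get("eventName")
    params = event.get("requestParameters") or {}
    if source == "s3.amazonaws.com" and name == "DeleteBucketEncryption":
        # Assumed policy: re-apply default encryption with the aws:kms algorithm.
        return [{"action": "s3:PutBucketEncryption", "bucket": params.get("bucketName"),
                 "sse_algorithm": "aws:kms"}]
    if source == "ec2.amazonaws.com" and name == "AuthorizeSecurityGroupIngress":
        return [{"action": "ec2:RevokeSecurityGroupIngress",
                 "group_id": params.get("groupId"), **rule}
                for rule in _open_rules(params)]
    return []


if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev["eventName"], "->", plan_remediation(ev))
```

Only the rule opened to any source is planned for revocation; the 443 rule scoped to `10.0.0.0/8` in the same request is left in place.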
An innovative, automated blueprint to garner success for the organization was necessary in order to automate, scale, and protect. As the company continues to innovate at breakneck speed, one strategic area of focus has been in deep learning and artificial intelligence. Moving to a secure cloud infrastructure via the “Lift & Shift” approach was identified early on as the most efficient path to remove IT bottlenecks and security barriers. Contrast Security and AWS played a critical role in allowing the organization to move rapidly while allocating resources more effectively and securing assets.
Contrast Security and AWS enabled this digital healthcare company to employ a more layered security posture than they had previously, helping them transition more securely to the cloud. The organization’s synchronous technology has significantly reduced patient wait time to just 24 hours. This has helped redefine them as they expand their footprint.
As a Digital Healthcare and Technology company providing online medical care, appointment, and booking scheduling services, the organization has ambitions to optimize and elevate the patient and healthcare practitioner experience. By migrating and utilizing Amazon Web Services (AWS), the company was able to achieve these goals with flexibility, reliability, security, compliance, and scalability. The AWS offerings have helped the company launch and integrate new applications quickly and effectively, accelerating time-to-market and providing a key competitive advantage. Implementing Contrast as part of their DevSecOps initiatives enabled the company to further integrate security into existing Agile and DevOps workflows and tools. This allowed them to secure and protect patient and healthcare practitioner data, innovate and deliver products and services to the marketplace much faster, more securely, and at reduced cost.