Protecting patient data with cloud security

This medical technology company provides clinical diagnostic apps to hospitals – crucial to healthcare services.

Unfortunately, these apps relied on an on-premise model and physical devices. This means company engineers had to upload various applications, infrastructure, and platforms to each device before shipping them to a hospital. Unsurprisingly, the entire process took months.

Even when a device was up and running, the company struggled to provide timely after-sales support. App engineers had to travel to hospitals to fix issues, install patches and updates, or address security concerns.

The company knew that migrating apps to the cloud would cut build time and remove the need for on-site visits – but the move brings with it new security challenges. Cybersecurity in healthcare is a hot topic because hospitals are common cyberattack targets. Worse still, companies are most vulnerable to cyberattacks during a cloud migration.

In short, the stakes were extremely high. Inaction would leave the business stuck in the past with frustrated engineers and clients. But failing to secure hospital data during the migration could ruin client trust and jeopardize the business. The company desperately needed a partner to oversee security throughout its cloud migration.

The company explored several vendors, but none could deliver the right blend of industry, cloud, and security expertise it needed. Thankfully, Genpact could.

We worked with the company's technology teams to develop a secure platform to run the apps on Amazon Web Services (AWS). AWS uses microservices and container technology to speed up app development and automate updates.

Our team of cloud security experts followed security-by-design principles, which meant we integrated AWS security tools and processes at every development stage. Here's an overview of the AWS services and solutions we used:

• AWS Security Hub and AWS Trusted Advisor: We used these solutions to conduct a cybersecurity maturity assessment, evaluating the company's security posture against industry best practices. The results helped us identify potential vulnerabilities and develop risk mitigation strategies
• AWS security services: Once security gaps were identified, we quickly filled them with AWS security services. AWS Identity and Access Management gave the company strong access controls and permissions to limit who can access and modify its apps. Plus, AWS Web Application Firewall and AWS Shield ensured protection against common web application attacks
• AWS CloudTrail and AWS Config: We used AWS CloudTrail to log activity within the AWS environment to produce a detailed audit trail for security and compliance purposes. We then used AWS Config to continuously assess and audit AWS resources and make sure security best practices and policies are followed
• AWS GuardDuty: AWS's intelligent threat detection service continually checks for malicious activities, unauthorized access, and potential data breaches. Meanwhile, AWS Security Hub aggregates, prioritizes, and analyzes security insights from various AWS services and third-party tools for efficient incident response

These AWS solutions give the company's apps a robust security framework that not only adheres to industry standards but also maximizes the benefits of AWS offerings. Now, the company can rest easy knowing it's protected by a blend of AWS and Genpact expertise.

Today, the company offers its apps through a flexible software-as-a-service model. Hospital clients simply subscribe to the service to run their clinical apps – while complying with all global healthcare regulations.

App engineers are happier too. As the company no longer relies on physical hardware or infrastructure, it can support hospitals remotely if there are any issues. This frees its engineers to focus on critical cases instead of travel time.

The advanced cloud security measures also enable engineers to:

• Reduce the chances of a security breach or cyberattack
• Detect and respond to security issues 95% faster
• Recover quickly and efficiently from any cybersecurity incidents, protecting the company, the hospitals, and their patients

Today, not only are engineers more productive, but hospitals are thriving too. They can serve their patients faster without worrying about downtime or security concerns. Ultimately, the cloud has created a trusted foundation for the future of healthcare.