Client Background
The client is a major healthcare provider in the US.
Client Need
- Ensure that Client’s cloud environment is compliant and secure.
- Prevent shadow IT and streamline cloud usage.
- Innova’s Cloud Security team worked with Client’s InfoSec, TechOps, and Amazon Web Services (AWS) to examine and refresh policies across subject areas.
- Along with meeting current regulatory and compliance requirements, the team worked also to create a forward-looking environment and documentation suite to address the future compliance needs.
Our Solution
- Security
- Comprehensive assessment of Client Cloud Infrastructure and Network connectivity and provided recommendations for their Cloud 2.0 goals based on the principle of granting “least privilege” to users and accounts wherever possible.
- This approach limited the blast radius in case of technical or security incidents.
- The team has also followed AWS, Center for Internet Security (CIS), and other industry security recommendations throughout the development process to ensure adherence to leading best practices.
- In the Cloud 2.0 infrastructure, whether in a production or non-production environment, the presence of protected information is always assumed, and security practices are rigorously maintained.
Tools & Technologies
Fortify, Nessus, Veracode, Pingidentity
Key Benefits
- Management
As a result of this assessment and the recommendations made by Innova, Client created a dedicated Cloud Operations team (Ops) and Cloud Tools teams to assist in managing and supporting the Cloud 2.0 infrastructure on AWS. Innova provided support in creating tools and automation resources to ensure security compliance and facilitate deployment.
- Automation
One of the goals of the Cloud 2.0 project was to increase the level of automation in the build and deployment processes. Innova’s recommendations and ongoing support aims to build everything in a fully automated way with tools and infrastructure managed with code.
- Validation (Governance)
Innova implemented a set of validation tools to continuously scan the AWS environments to ensure compliance with internal and external regulatory standards.
