AWS Security for Gardiant

Introduction

Gardiant specializes in employee health insurance claims management, optimizing the processing of workers’ health insurance claims with state providers. As a medium-sized enterprise, it relies on cloud services, with AWS and Azure as its primary providers.

Background

Gardiant encountered distinctive security challenges in safeguarding sensitive customer data, requiring comprehensive solutions to fortify its infrastructure, applications, and data against potential threats.

To address these needs, Gardianth partnered with High Plains Computing (HPC) as their trusted implementation ally. Together, they leveraged managed security services provided by Amazon Web Services (AWS) to construct a resilient infrastructure solution that impeccably aligns with their business, security, and compliance prerequisites. AWS furnishes an array of security services and features to safeguard health insurance data and ensure conformity with regulations like the Health Insurance Portability and Accountability Act (HIPAA).

Requirements

Gardiant is entrusted with critical worker health and other PII data, underscoring the paramount need for stringent adherence to HIPAA and PCI compliance standards across all cloud workloads and applications. Lacking dedicated cloud security experts, they sought software and services that could streamline compliance checks, delivering results via user-friendly dashboards. Automated remediation and immediate security issue notifications were equally imperative, enabling prompt action by their DevOps team. Safeguarding Gardianth’s website against hackers exploits, and bots was a pivotal concern given the sensitive information it handles.

Solutions & Setup

The HPC team orchestrated an intricate security framework, integrating AWS Config, AWS GuardDuty, and AWS WAF. Leveraging the customer’s existing software vulnerability management solution, all findings were centralized within a comprehensive dashboard, offering a holistic security score and spotlighting critical vulnerabilities. AWS Config rules and alerts were strategically established, empowering Gardiant to proactively pinpoint and mitigate potential security issues.

AWS Config rules were centrally deployed and each workload account was setup with config recorders, this way configuration management and anomaly detection was centralized and a single security hub set up in the management account kept all security posture scores as well as violations

In the realm of security, AWS GuardDuty proved instrumental. With its machine learning algorithms, AWS GuardDuty furnished real-time anomaly detection and alerts, enabling swift responses to potential threats. To further fortify their infrastructure, AWS Inspector was deployed to proactively identify and rectify any CVE and other known vulnerabilities, ensuring application and infrastructure integrity. The inspector helped reduce mean time to remediate vulnerabilities(MTTR) and maintained a central software Bill of material (SBOM) for all applications and microservices deployed in multiple workload accounts

AWS CloudTrail which tracks all AWS API usage and user activity was centralized for all workload accounts and a data lake was created with very effective dashboards to get better insight into user activity across all AWS workload accounts

High Plains Computing infrastructure as code (IaC) team created automation documents for AWS System management services that complemented existing hundreds of automation documents for various remediations of common security issues and admins can simply deploy automation documents via System management services at scale without involving any further DevOps and IaC engineering resources

Gardiant was already using the AWS Web application firewall to protect various public endpoints and the HPC team helped them create additional firewall rules for the Admin UI of their various Java/spring-boot apps. Blacklist IPs and Bot control rules were verified and augmented to ensure only intended users can access the application’s public endpoints.

The final piece was AWS Security Hub where all findings from Config, GuardDuty, CloudTrail, and iInspector were consolidated and presented the most important information about security posture first. Following is one example screenshot

Conclusion: Safeguarding Healthcare's Future

Gardiant’s dedication to safeguarding sensitive healthcare data sets a powerful example. With High Plains Computing (HPC) and Amazon Web Services (AWS), they’ve built a robust security framework that ensures HIPAA compliance.

As the healthcare landscape evolves, this foundation paves the way for a secure future. Leveraging AWS solutions, healthcare providers can continue to prioritize patient privacy and well-being. The journey continues, promising innovation and ongoing security for all.

Testimonials

Nikhil Batta Director of Application Development

AWS security solutions have revolutionized our approach to data security. We now have unparalleled visibility into our infrastructure and can respond to potential threats with utmost efficiency. Thanks to the High Plains team for their efficient and diligent approach to implementing our security.

Social Share :