IT Science Case Study: Aligning Security with a Cloud-First IT Strategy

One Medical had previously evaluated other security solutions and found they were difficult to deploy in their cloud-first technology stack. Signal Sciences eventually filled the need.

SignalSciences.OneMedical.logos

Here is the latest article in a new eWEEK feature series called IT Science, in which we look at what actually happens at the intersection of new-gen IT and legacy systems.

Unless it’s brand new and right off various assembly lines, servers, storage and networking inside every IT system can be considered “legacy.” This is because the iteration of both hardware and software products is speeding up all the time. It’s not unusual for an app-maker, for example, to update and/or patch for security purposes an application a few times a month, or even a week. Some apps are updated daily! Hardware moves a little slower, but manufacturing cycles are also speeding up.

These articles describe new-gen industry solutions. The idea is to look at real-world examples of how new-gen IT products and services are making a difference in production each day. Most of them are success stories, but there will also be others about projects that blew up. We’ll have IT integrators, system consultants, analysts and other experts helping us with these as needed.

Today’s Topic: Medical Service Needs Security to Align with Cloud Strategy, HIPAA

Name the problem to be solved: One Medical, a new-gen health care provider with locations in more than 50 cities around the country, needed a solution that could help it gain more real-time visibility into cloud applications while staying compliant with HIPAA (Health Insurance Portability and Accountability Act of 1996) regulations. One Medical had previously evaluated other security solutions and found they were difficult to deploy in their cloud-first technology stack.

“We have always proactively prioritized security at One Medical. We wanted better visibility into our application layer, which is what led us to choose Signal Sciences,” said Jérémie Meyer de Ville, a senior engineering manager.

Describe the strategy that went into finding the solution: Health care is an industry susceptible to identity theft. Organizations such as One Medical have to deal with a multitude of electronic medical records. The company takes security and confidentiality of their customers’ PII (personally identifiable information) seriously by following industry best practices in software development and testing, as well as internal and external security practices.

One Medical needed security that could scale with its cloud-first strategy and improve its overall security posture. False positives in the company’s IT environment meant doctors could be blocked from critical functions, such as submitting prescriptions. While evaluating other solutions, One Medical’s teams found they were difficult to deploy into their cloud-first stack and actually caused false positives.

List the key components in the solution: Signal Sciences Web Protection Platform claims to be the only solution in the application security market that works across any modern architecture, providing broad coverage against real threats and attack scenarios. The Signal Sciences platform offers a menu of deployment options, including next-gen web application firewall (WAF) and runtime application security protection (RASP) modules, and can also operate as a reverse proxy for legacy applications.

One Medical used Signal Sciences’ analytics and data to build a more strategic security program. “The awareness of risks that our app is under helps us to build a more effective business case to add more security headcount. This helps us plan for the year ahead--and the way Signal Sciences scales makes it easier for us to add more instances into AWS (Amazon Web Services, upon which the service runs), and we know we’re secure,” Senior Security Engineer Mike Katz said.

Describe how the deployment went, perhaps how long it took, and if it came off as planned: One Medical’s security team needed buy-in from their engineering group to find a solution that delivered best in class security and could be easily deployed into their cloud-first technology stack. “If a tool can’t be deployed easily for the Dev team, then the solution is a non-starter for security,” Katz said. “We’re not going to deal with something that can’t be managed in the first place. Signal Sciences was the only solution that met our requirements.”

Describe the result, new efficiencies gained, and what was learned from the project:

  • Signal Sciences’ Web Protection Platform (WPP) offered One Medical analytics and data to help them build a more strategic security program;
  • WPP Strengthened real-time visibility, decisioning and action in the application layer for One Medical;
  • collaboration between teams improves visibility; and
  • the new solution helped security build a business case for more strategic security hires.

Shortly after One Medical deployed Signal Sciences, it experienced a malicious attempt to brute-force logins to their application and were able to shut it down immediately within the tool. Instead of relying on logs to surface events after the fact, they used Signal Sciences to block and alert in real time. With intuitive-to-use dashboards, events and alerts accessible by all teams, One Medical now better understands the attack chain to quickly detect attacks (e.g. privilege misuse or credential stuffing) and protect its sensitive customer data.

Other references:

If you have a suggestion for an IT Science feature, email cpreimesberger@eweek.com.

Chris Preimesberger

Chris J. Preimesberger

Chris J. Preimesberger is Editor of Features & Analysis at eWEEK, responsible in large part for the publication's coverage areas. In his 13 years and more than 4,000 articles at eWEEK, he...