Healthcare Startup x ScaleSec Client Story

Stealth Healthcare

Secure and Compliant Connectivity Between Hospital and Startup’s ML and Data Science Service on GCP
INDUSTRY
Healthcare
PRODUCTS
NA
LOCATION
Bay Area
ANNUAL REVENUE
NA

Confidential

 

PLATFORM

Google Cloud

ASSIGNMENT

Within one week, bridge hospital’s network to client’s GCP environment using an IPSec virtual private network for HIPAA compliance without impacting performance. Upon connecting, review key security controls for HIPAA, as well as networking and data management controls. Then automate configurations using templates using Cloud Deployment Manager.

Project Challenges

ScaleSec was recently selected to advise a stealth healthcare startup in need of verification and validation of essential security and compliance for Google Cloud Platform. Schedules were tight and they needed immediate assistance to connect to a national healthcare services provider and begin their trial period.

Overview

ScaleSec first met with the founders as they were fast approaching a deadline to launch a proof of concept of their service with a national health care provider. Their immediate need (within the next week) was to establish secure connectivity from the hospital to the machine learning and data science service running on Google Cloud Platform.

Insight

Cloud VPN was selected to provide an IPSec virtual private network between the hospital and the cloud, providing a HIPAA-compliant solution without the need to manage additional infrastructure. Connecting older networks to new to meet security and performance requirements can sometimes be a bit tricky. Configuring such hybrid architectures are a common way to address the challenge of connecting established infrastructure meets the new, API-driven world of cloud computing. The team collaborated via a number of video working sessions to get the connection established within the necessary timeframes.

Services Provided

Once connected, the ScaleSec team reviewed many key security controls, including Identity and Access Management policies, service accounts and key management, data encryption practices, logging and auditing considerations (for HIPAA and other compliance requirements), as well as general networking and data management controls. ScaleSec used Cloud Deployment Manager to automate the configurations through templates that were incorporated into the customer’s code base to leverage their current processes and tools. The company will reuse these templates for testing and disaster recovery.

Partner Solutions / Products Used

Network and application performance were critical requirements, so the joint team held consultative architectural discussion to discuss design recommendations, and to help the team identify and remediate potential threat vectors.

Results / Impact / Highlights

Network and application performance were critical requirements, so the joint team held consultative architectural discussion to discuss design recommendations, and to help the team identify and remediate potential threat vectors.
bg-woman-phone-1221911038
"Both teams are pleased with the results and look forward to iterating as the healthcare service grows."
AnonStealth Healthcare Startup & ScaleSec | Stealth Healthcare

Want to speak with a ScaleSec expert?

Want to optimize and transform your existing digital portfolio? Reach out to us.