Healthcare Firm Relies on AWS Scalability, Availability and Security for New Service

Flux7 Designs, Builds and Teaches Firm to use AWS Healthcare Best Practices

Profile

This company is focused on the fitness component of healthcare, bringing to customers the means for fun, motivational workouts. As a firm steeped in technology, this company pairs elements of gamification with personal workout goals to ensure that its customers attain health and fitness.

Challenge

This healthcare company had fitness goals of its own, and was looking to introduce a new robust online service for its customers. Already using AWS for its platform and other products, this firm wanted the new online service to take advantage of the scalability and availability benefits inherent to AWS. In addition, the healthcare organization was looking for a consulting partner who could help it implement cloud-based risk management–recommending and implementing security and regulatory best practices–to help it ensure the new service was secure and met HIPAA compliance.

Solution

Together with Flux7, an AWS advanced consulting partner, this firm’s IT, Development and Security teams began designing a blueprint solution that would help it attain its scalability, uptime and security goals.

Scalability
The new service is expected to grow exponentially, growing from tens of thousands of requests every hour to a sum five times that. With this level of demand, scalability is critical. The team designed the solution to both scale up to meet peaks in demand and ensure the service could load within milliseconds. To do so, the team implemented AWS Auto Scaling in conjunction with CloudWatch. CloudWatch actively monitors, alerts and takes action when the firm’s Amazon EC2 instances reach a certain utilization threshold; CloudWatch takes the automated action to use Auto Scaling to dynamically add Amazon EC2 instances to ensure service availability. And, when demand decreases, the inverse automatically occurs.

Uptime:
In addition to scalability to ensure availability of the new service, this healthcare company also has high uptime expectations as the impact of downtime is not only costly to its reputation, but also to its bottom line. As a result, AWS CodeDeploy was chosen to automate new code deployments to any instance, helping avoid downtime during application deployment. Moreover, CodeDeploy also helps automate service updates, eliminating human error that could lead to downtime.

In addition, Flux7 helped this healthcare organization create a failover environment through the use of two Availability Zones. Now, should something happen to the primary zone, the secondary zone will continue to deliver the service to customers.

Security:
With customers depending on the service to track and measure their personal health statistics, a security breach would also be very expensive to this healthcare organization. Combined with the need to meet HIPAA compliance, and it is clear that a layered security approach is needed. In addition to setting up security policies that meet both internal security and HIPAA requirements, Flux7 consultants and this firm’s security team included monitoring, key management, patching and more into the technology foundation and processes for the new service. One example of a technology-powered strategy that is used at this healthcare company is matrixed IAM roles and policies that ensure separation of duties and least privileged access. In this example, Development can not make any changes to firewalls, or security settings but they are able to create and delete servers.

Benefits

The new service from this healthcare company has already become an integral part of people’s daily routines. And, this firm wants to keep them as active (literally) customers who continue to manage their health through its gamification features. To ensure uptime, scalability and security of the service, this company brought in the AWS experts at Flux7 who helped it build security in and meet HIPAA compliance objectives at launch. Moreover, with a swiftly growing customer base, Flux7 designed, built and taught the firm how to use the advanced AWS features that ensure ongoing scalability and availability. Today this healthcare firm is ready to extend its new infrastructure as it grows its user base and adds new features and functionality.

Business Needs

  • Launch highly available, scalable new service
  • Ensure HIPAA compliance

Solution

  • AWS Auto Scaling and CloudWatch
  • AWS Code Deploy and Multiple AZs
  • IAM Roles and AWS Config

Benefits

  • Met and exceeded uptime SLA
  • Scales to meet peaks in demand
  • HIPAA compliant