One of our customers runs a large Azure data center that works with Personal Health Information ( PHI). Before the client contacted us, many of their servers have been running on legacy OS and the overall infrastructure was rather disorganized. The Company’s management was concerned about potential security holes and requested to conduct a thorough security audit.
Before contacting ABCloudz, the Company’s IT staff had been aware of potential security gaps in their infrastructure. For example, their data infrastructure included outdated servers, such as Windows Server 2003, 2005, 2008. All of these databases are out of support by Microsoft and known to have security vulnerabilities.
The legacy Windows Server 2003 is vulnerable to unauthorized remote commands conducted through RDP and Terminal Server. And Windows Server 2008 allows authorized users to execute arbitrary code through special SQL queries. In this case, the user can take control of the server and then do whatever he wants with the data.
The customer had to identify and fix those issues as soon as possible to avoid security breaches leading to adverse consequences, up to HIPAA fines and liability. The customer also prioritized their app’s performance, so all fixes had to be implemented without any impact on the business.
Read this article to know how the ABCloudz team applied its best practices to secure healthcare data infrastructure for the client.
The ABCloudz team examines the entire infrastructure
ABCloudz was chosen as a right technology partner for the client because of a proven expertise in databases, IT administration and Azure infrastructure. Once the client communicated their requirements to the team, our specialists immediately swung into action. We worked according to the recommendations of experienced healthcare data security consultants to come up with a clear security audit roadmap.
The team thoroughly reviewed the infrastructure according to the custom checklist, including such categories as authorization and authentication, permissions, passwords, security monitoring, encryption, security auditing, and data recovery. We relied on the recommended Azure operational security checklist. You can review its basic in the table below.
Category | Specific points to check |
---|---|
Security Roles & Access Controls |
|
Dat Collection & Storage |
|
Security Policies & Recommendations |
|
Identity & Access Management |
|
Ongoing Security Monitoring |
|
Microsoft Defender for Cloud detection capabilities |
|
DevOps |
|
The checklist was customized according to the specific requirements and infrastructure peculiarities of our client. As a result, we determined 50+ security issues in the client’s data infrastructure. All of them had to be fixed.
Fixing the client’s security issues
Once all security gaps and potential issues were identified, the ABCloudz team started fixing them simultaneously. In particular, our specialists did the following:
- Configured the file-sharing options within the data infrastructure.
- Optimized the system of permissions.
- Provided more secure authentication and authorization protocols.
- Established scheduled storage keys regeneration.
- Fortified secure data encryption.
- Established mechanisms for efficient security monitoring and auditing.
- Established a flexible system of password regeneration.
- Enhanced Azure infrastructure safeguards.
- Established efficient data recovery mechanisms.
- Upgrade and patching of the outdated and vulnerable infrastructure parts, such as Windows Server 2003.
Meanwhile, our team had to ensure that all fixes don’t impact the data center’s productivity. Therefore the ABCloudz team applied custom Azure configurations and thoroughly reviewed all fixes to ensure that no change in the Azure console affects the infrastructure performance. If a particular fix impacted the system’s performance, it was reviewed and replaced with an alternative that did not have such an impact on the infrastructure’s efficiency.
Top-notch security and excellent infrastructure performance
The ABCloudz successfully reviewed and upgraded the security of the client’s system. As a result of our effort:
All security issues identified and fixed to establish top-notch security of the infrastructure, which protects the client from data breaches and problems resulting from them.
The client receives Azure console configurations for more efficient security auditing and troubleshooting in the future.
Despite some impactful changes in the client’s infrastructure, its performance was not reduced after our effort.
All the client’s requirements were fulfilled within the shortest terms – 2 months.
After a successful security audit and upgrade, the client feels safe about the security of their infrastructure because it is fortified from various types of data leaks and security breaches. Therefore, the customer’s system is completely compliant with HIPAA regulations.
Benefit from our Azure security expertise and other Practices
The ABCloudz team relies on developed Practices that cover Cloud Infrastructure, DevOps, Database Services, Security and Application Development. In this article we shared an experience of handling Security Infrastructure for Azure, which required a coordinated effort of specialists from several areas: IT Security Specialists, Cloud Engineers, SQL Server Engineers, Application Architects. We encourage you to read about other articles that showcase examples where the ABCloudz team has built applications for Healthcare companies using IoT and BLE devices.
ABCloudz can be your one-stop-shop for all things technology if it is a matter of building a new solution, product or web service, or upgrading your IT infrastructure to be in a top notch state.