Fastly > Case Studies > Securing Quality Healthcare in the Cloud: A Case Study on One Medical

Securing Quality Healthcare in the Cloud: A Case Study on One Medical

Fastly Logo
Technology Category
  • Analytics & Modeling - Real Time Analytics
  • Application Infrastructure & Middleware - Event-Driven Application
Applicable Industries
  • Healthcare & Hospitals
  • National Security & Defense
Applicable Functions
  • Product Research & Development
  • Quality Assurance
Use Cases
  • Tamper Detection
  • Visual Quality Detection
Services
  • Cloud Planning, Design & Implementation Services
  • Testing & Certification
The Challenge
One Medical, a membership-based primary care practice, was faced with the challenge of securing customer data in line with their cloud-first strategy. The healthcare industry is particularly vulnerable to identity theft, and organizations like One Medical have to manage a multitude of electronic medical records. The company takes the security and confidentiality of their customers’ Personally Identifiable Information (PII) seriously, adhering to industry best practices in software development, testing, and internal and external security practices. However, they needed a security solution that could scale with their cloud-first strategy, improve their overall security posture, and remain compliant with HIPAA. They also faced issues with false positives in their environment, which could potentially block doctors from performing critical functions such as submitting prescriptions. Other solutions they evaluated were difficult to deploy into their cloud-first technology stack and caused false positives.
About The Customer
One Medical is a membership-based primary care practice that aims to make quality care more affordable, accessible, and enjoyable for all. They achieve this through a blend of human-centered design, technology, and an exceptional team. One Medical is committed to protecting customer data, especially in an industry that is susceptible to identity theft. They follow industry best practices in software development and testing, as well as internal and external security practices. They also have a cloud-first strategy and needed a security solution that could scale with this strategy, improve their overall security posture, and remain compliant with HIPAA.
The Solution
One Medical’s security and engineering teams chose Fastly over competitors due to greater confidence in their security capabilities. The solution was easily deployed into their cloud-first technology stack, gaining the approval of all stakeholders. Mike Katz, Senior Security Engineer at One Medical, emphasized the importance of a tool that can be easily deployed for the development team. Fastly was the only solution that met their requirements. One Medical also used Fastly analytics and data to build a more strategic security program. This increased awareness of the risks their application was under, helping them build a more effective business case to add more security headcount and plan for the year ahead. Shortly after deploying Fastly’s Next-Gen WAF, they were able to immediately shut down a malicious IP attempting to brute force logins to their application. Instead of relying on logs to surface events after the fact, they used the Next-Gen WAF to block and alert in real-time.
Operational Impact
  • The implementation of Fastly’s Next-Gen WAF has significantly improved One Medical's real-time visibility, decision-making, and action in the application layer. With intuitive dashboards, events, and alerts accessible by all teams, One Medical can now better understand the attack chain to quickly detect attacks and protect their sensitive customer data. The solution has also helped the security team build a business case for more strategic security hires, aiding in their planning for the year ahead. The immediate shutdown of a malicious IP attempting to brute force logins to their application shortly after the deployment of Fastly’s Next-Gen WAF demonstrates the effectiveness of the solution in real-time threat mitigation.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.