Automates protection for AWS and data center environments


Since 1984, MEDHOST has been a leader in healthcare technology and solutions. Today, nearly 1,100 North American acute care and specialty hospitals use their solutions and services to improve clinical delivery as well as financial and operational performance, and provide engagement tools for both patients and consumers. MEDHOST delivers value by enabling hospitals of all types and sizes to better manage the business of healthcare across the care continuum while meeting evolving regulatory requirements.

Based in Franklin, Tennessee, MEDHOST has a staff of 70+ IT professionals to manage hosted client environments and internal core services, including all security tools for approximately 4,000 endpoints and 700 pure-play mobile devices. The company’s hybrid cloud supports 400 active Amazon Web Services (AWS) production workloads that use Docker containers to test and deliver dozens of microservices (such as public patient portal) and two data centers.


Security is at the core of all MEDHOST activities. With a multi-cloud environment, they needed a security solution that fits all environments, provided automation and standardization, and consolidated visibility with a single-screen management console and automated alerts. “When we moved to AWS, we wanted one security solution that could do it all,” said Rob Williamson, Security Engineer at MEDHOST.

Protecting vital healthcare data is key for MEDHOST. In addition to meeting the same compliance and risk issues as all major enterprises, MEDHOST must comply with federal mandates such as HIPAA when securing patient privacy. To comply with these stringent standards, MEDHOST needed to protect against unauthorized access to its virtual machines (VMs), as well as ensure encryption across workspaces, secure Docker containers on AWS, and keep security patches up to date.

“Our goal is to provide a robust security program to protect the business, our associates, our clients, and their data with regard to regulatory and sensitivity requirements,” said Todd Williams, Security Operations, MEDHOST.

Why Trend Micro

MEDHOST has been using Trend Micro™ Deep Security™ solution to protect its data centers for years. However, when they began looking for a solution that would protect their cloud workloads, they reviewed solutions from several of the leading vendors. In the end, Trend Micro was selected. “Trend Micro Deep Security offers amazing extensibility to manage all policies and controls in our data center and AWS environment with minimal resources,” said Williams.

In addition to Trend Micro’s long experience securing instances in AWS environments, MEDHOST chose Trend Micro because of its commitment to service and partnership that’s been evident from the beginning of the relationship. “Trend Micro is a true partner. When we have a security challenge, Trend Micro experts are in the room helping us secure our AWS environment,” said Williams.

"Trend Micro Deep Security offers amazing extensibility to manage all policies and controls in our hybrid cloud environment with minimal resources."

Todd Williams
Manager, Security Operations, MEDHOST


MEDHOST expanded its use of Deep Security to protect Docker containers in its AWS environment. Docker containers allow MEDHOST to develop applications in a test and production environment, letting them speed up the release of new functions while increasing the quality of service. They implemented Deep Security at the Amazon Elastic Compute Cloud (Amazon EC2) instance level, so they could manage the containers individually. “The Deep Security agent is baked into all workloads to monitor ingress and egress traffic on Docker containers,” said Williams. “This allows us to segment assets by workloads, apply policies, and create containers.”

MEDHOST currently uses four Deep Security modules; the management dashboard, intrusion detection and prevention, malware prevention, and web reputation. “The management dashboard eases management and provides the visibility required to keep our data center and AWS environments secure,” said Williamson. “With intrusion prevention, we can apply virtual patching and set policies to block known malware. Deep Security is built into everything and is automatically loaded to protect workloads.”

"Using Deep Security, we were able to improve our efficiency with Docker containers to realize savings for our AWS licenses and compute costs."

Todd Williams
Manager, Security Operations, MEDHOST


In addition to improving efficiency by unifying MEDHOST security tools and centralizing management, Deep Security provides real-time protection and allows the MEDHOST IT team to monitor its environments, detect issues, and rapidly resolve them. “When we go into Deep Security’s Intrusion Detection and Prevention module, we can see the solution is actively blocking threats,” said Williams.

The MEDHOST security team is also pleased with the ease of use and effectiveness of tools provided by Trend Micro. “The combination of exceptional security tools and the level of support we receive from Trend Micro instills confidence in our security team,” said Williams.

Deep Security also improves security for Docker containers on AWS allowing MEDHOST to deliver public patient portals that are simple and flexible. “Using Deep Security, we were able to improve our efficiency with Docker containers to realize savings for our AWS licenses and compute costs,” said Williams.

What's next?

Looking to the future, MEDHOST plans to enable more Deep Security modules, such as multi-platform application control that increases visibility into applications, and detects and blocks unauthorized software, malicious attacks, and malware. “Trend Micro has been instrumental in helping MEDHOST achieve its security goals, and we look forward to continuing the partnership,” said Williams.