Orion Health

Automates security on AWS and gains centralized management

Overview

Founded in 1993, Orion Health is an award-winning, global provider of healthcare information technology that advances population health management and precision medicine solutions. With headquarters in Auckland, New Zealand, Orion Health has 25 offices in 30 countries and serves more than 450 customers such as healthcare providers and payers, networks, and government organizations.

The company’s scalable and open platform, Amadeus, offered through Amazon Web Services (AWS), delivers a comprehensive approach to acquiring, measuring, analyzing, and presenting actionable clinical and claims data, as well as nontraditional data. Amadeus helps clinicians turn insights into actions and delivers precise and personalized care, treatment, and prevention plans for every individual through open APIs to Orion Health or third-party applications.

Challenges

In 2016, Orion Health embarked on a journey to build a security operations center (SOC) to support the deployment of Amadeus on AWS. To ensure the SOC would succeed, Marnie Wilking, CISO at Orion Health, worked closely with stakeholders to identify specific IT and business requirements for the security of the deployment. “Our DevOps team wanted everything on AWS to be 100 percent automated,” said Wilking. “Consistent, automated policies and processes will help to ensure that our customers’ data and systems are always protected.”

In addition, Orion wanted to monitor and manage security across three global regions from a single, centralized console. “Our goal was to simplify security and improve efficiency,” said Wilking.

Finally, they wanted a security solution that could support both Microsoft® Windows® and Linux® operating systems—and a security partner with deep experience on AWS and healthcare compliance such as HITRUST®, HIPAA, and the General Data Protection Regulation (GDPR) requirements.

"Having a partner like Trend Micro who keeps pace with changes in the threat environment is critical to maintaining the highest level of security."

Marnie Wilking,
CISO, Orion Health

 

Why Trend Micro

After reviewing several security solutions for AWS environments, Wilking turned to Anitian, a U.S. based managed service provider with whom she had worked with in the past. Anitian suggested its Sherlock managed security operations platform, which contains Trend Micro™ Deep Security™, to provide the automation Orion Health was looking for.

Anitian felt Deep Security offered the features to meet the goals of 100% automation, compliance, scalability, and centralized management. “Unlike most security vendors, Trend Micro moved into cloud security very early on,” said Andrew Plato, CEO at Anitian. “Trend Micro security products are designed for cloud environments like AWS.”

The Sherlock platform with Deep Security also provided capabilities to secure data and meet PCI, HIPAA and other compliance requirements on AWS. “Having a partner like Trend Micro who keeps pace with changes in the threat environment is critical to maintaining the highest level of security,” said Wilking.

"Together, Sherlock and Deep Security provide the foundation for Orion Health’s SOC with automated and centralized, policy-driven management and administration."

Robert Cooper,
Security Operations Architect and Manager, Anitian

 

Solution

After conducting a proof of concept, Orion Health began deploying Deep Security in early 2017. Designed to augment AWS security with complete protection for cloud workloads, Deep Security provides comprehensive scalable security capabilities.

Deep Security is hosted at AWS on the Sherlock platform. “Together, Sherlock and Deep Security provide the foundation for Orion Health’s SOC with automated and centralized, policy-driven management and administration,” said Robert Cooper, Security Operations Architect and Manager at Anitian.

Orion Health currently uses Deep Security intrusion detection and prevention to proactively protect against known and zero-day threats by shielding known vulnerabilities. The company also uses malware prevention that incorporates advanced techniques like machine learning, and integrity monitoring that tracks and reports system changes in real time. “With Deep Security, we have powerful security embedded in our Amadeus platform, providing automated policies and alerts that ensure our customer workloads are protected on AWS,” said Wilking.

Results

Deep Security provides several benefits to Orion Health that improve IT security and efficiency. For example, Orion Health created a full threat model based on how Amadeus fits into the AWS environment. This allows Wilking’s team to specify policies for new assets based on host selection, automatically granting the right policy.

In addition to HIPAA compliance, Amadeus on AWS was able to gain HITRUST certification within a few months of deployment and will meet GDPR requirements. With the centralized management console, Wilking and her team have the global visibility they need to efficiently manage customers in any country around the world through the SOC.

“It’s hard to find a provider like Trend Micro with deep AWS and healthcare experience. Trend Micro has all essential security capabilities in a single product, they’re very professional, collaborate with everyone on my team, and they respond quickly to our needs,” said Wilking. “I’ve already recommended their solutions to several colleagues.”

What's Next

For a global organization like Orion Health, ensuring the security of customer workloads on AWS is a never-ending job. “Going forward, we expect our visibility into threat activity and automated response capabilities to increase, and Trend Micro will continue to play a large role as our security partner,” said Wilking.