As a leading provider of medical image handling and processing, and clinical systems, this healthcare organization sought to move to a more manageable system, one that required less human intervention and was self-healing. Insights gleaned from medical images managed by this provider’s system help clinicians efficiently identify options for the diagnosis, treatment, and monitoring of a broad array of health conditions.
Given the nature of the data that it manages for its customers, the company’s IT team sought a stable system with extremely high levels uptime as the impact of production downtime could quite literally be the difference between life and death. Moreover, the IT team wanted a maintainable interface for the delivery of product for production support. In addition, maintaining HIPAA compliance and protecting against the risk of losing personal health information were important business imperatives to address.
A secure, robust solution
With three key business priorities of security, robustness, and cost, we began work by assessing the situation to design and build the right infrastructure for this organization. The group had already been evaluating AWS, which we recommended as well, seconding its focus on automation, immutable delivery, and IaaS. Moreover, as the group was interested in having a solution it could easily manage post-launch, we recommended deploying Docker containers in order to create an infrastructure that is more manageable, providing a consistent interface across Development, Test, and Operations.
DevOps in the Cloud
System robustness as facilitated by DevOps in the cloud helped this firm achieve its uptime and reliability goals. Specifically, we helped the client establish CloudFormation templates for VPCs, networking, NAT, and encryption at rest for all AWS resources. Jenkins jobs were set up to build WAR (Web archive) files and Docker containers, which in turn contained files for Jira, Jenkins, GitLab, Artifactory, and the customer’s application.
This setup increases automation and decreases the need for human intervention while providing development and the flexibility to build systems without concern for the ultimate production environment.
Growing cloud security
The security set-up for this provider used several layers including separation of duties, key management, aggressive patching criteria and the recycling of servers every 15 days. Moreover, security policies specific to HIPAA and AWS were employed to ensure regulatory compliance and the strictest possible level of security to avoid any possible risk associated with the loss of the personal health information of its clients.
For example, CloudTrail was used to log every action taken and by whom, and AWS Config was used to monitor any changes made to an individual component over time. White- and blacklists were used to secure the perimeter and encryption at rest was deployed in AWS as well as for on-premise hardware. All change management was performed in Jira. All code commits to GitLab were required to be tagged with Jira case IDs and Jira was updated automatically when new code was pushed.
Jenkins built the artifacts and containers on every code push and stored the artifacts in Artifactory, thereby correctly tagging a full trail of how and why the container was built. Jenkins deployed the container and similarly tagged the production resources to enable a full 360-degree view of every artifact deployed to production from idea to inception.
AWS cost optimization
We were able to help the healthcare leader proactively manage its AWS costs by providing one-click EZ buttons for creating the full environment, including load balancers, provisioning software, containers, and running the services. This enabled the Dev and QA teams to provision environments on-demand which increased their productivity and eliminated the need to have long-running persistent environments as environments could be turned off when they were not in use and recreated when a need arose.
Now the internal team can Dockerize its application--giving it greater control while erasing the traditional boundaries between teams--and use the AWS ecosystem of tools to increase automation and decrease the need for human intervention. Further, with the application of AWS best practices, security and HIPAA compliance were achieved for this healthcare system provider’s critical data. Last, with a solution tooled for this organization, it can now effectively manage AWS costs to ensure optimal ROI.
*This was originally written by Flux7 Inc., which has become Flux7, an NTT DATA Services Company as of December 30, 2019
Fecha de publicación: 20/09/2019