Ermetic AWS Value Case Study – IntelyCare
Find out how IntelyCare used Ermetic to automate AWS IAM risk analysis & remediate in minutes.
IntelyCare Selects Ermetic’s Cloud Security Platform for AWS to Support Their Healthcare Clients
IntelyCare provides a better way for post-acute healthcare facilities to schedule their own staff or instantly connect with their pool of over 20,000 high-quality, fully-credentialed per-diem nursing professionals that they call IntelyPros. Their solution offers a digital workforce augmentation platform that combines a gig-model application with advanced data science to optimize staff resources and close the widening gap between workforce supply and demand. Visit: www.intelycare.com.
IntelyCare Use Case
IntelyCare’s cloud native solution leverages an agile approach to software development and architecture design. The healthcare innovator uses AWS to automate the continuous integration and deployment of new updates ensuring their platform always delivers the greatest value to the professional healthcare workforce.
IntelyCare leverages advanced data science solutions like Snowflake data warehouse, AWS EMR, and AWS Sagemaker to help nurses take control of their work schedule. In turn, nurses can now easily find available work shifts in their area tailored to their needs, preferences, and abilities.
Securing their cloud infrastructure and client information is a top priority for IntelyCare. It is imperative that their SecOps teams are able to visualize and understand what potential security risks are associated with an identity’s over-entitled access to AWS services like AWS S3, Amazon EC2, Amazon ECS, AWS Lambda, AWS EMR, and Amazon Athena.
IntelyCare also seeks a deeper and more granular approach to understanding how these identities are using the AWS environment and, in the event that a risk can lead to a potential breach, provide governance and remediation.
Ermetic Overview and Value Delivered to IntelyCare
Ermetic is an APN Advanced Technology Partner, ISV Accelerate, and ISV Validated SaaS security solution that provides an easy understanding of potential cloud security risks that can lead to the breach of a client’s environment. Ermetic differentiates through granular visualizations and analysis of combined exploits like cloud misconfigurations and the over entitled access rights that machine or human identities have over IaaS or PaaS cloud infrastructures. In addition, Ermetic has the unique ability to remediate these risks via IAM rights policy enforcement, allowing clients to focus and leverage an Identity-Defined Security strategy like the principle of Least Privilege or Zero Trust.
- Ermetic provided immediate value to IntelyCare through granular visualization and analysis of all of IntelyCare’s cloud identities, associated infrastructure entitlements, and easily shared dashboards and reports of potential risks to all interested security, DevOps and management teams.
- IntelyCare leveraged a typical land-and-expand model by deploying Ermetic in their Staging environment to remediate their highest identified security risks. IntelyCare used the auto-remediation capabilities of Ermetic to remove access to all detected overprivileged configurations for their AWS IAM users and AWS resources.
- After two months of no business disruption from using Ermetic’s auto-remediation capability, IntelyCare proceeded to remediate less urgent risks in their AWS environment.
- IntelyCare is also leveraging Ermetic as a collaboration tool to build trust and provide DevOps and Engineering with an AWS access risk remediation “playbook’” distributed via workflows.
- IntelyCare is using Ermetic to improve their AWS security posture by detecting their cloud misconfigurations and leveraging associated compliance reports to ensure -- and communicate to stakeholders -- that they are remediating these risks and implementing an AWS Well-Architected Framework and CIS Benchmark best practice.
IntelyCare, through the use of Ermetic’s cloud security solution, can now automate risk analysis across many parts of their AWS IAM landscape and has been able to reduce their two or three people-months of manual security remediation process to minutes.
IntelyCare’s Next Steps with Ermetic
- IntelyCare next plans to expand their Ermetic solution to automate risk analysis and remediation across all their AWS environments, including Kubernetes and production
- IntelyCare also plans to use Ermetic recommended policies to expand least privilege implementation across their AWS infrastructure
Ermetic provides identity-first security and compliance for cloud infrastructure. In one easy-to-use SaaS platform, Ermetic combines cloud identity governance and security posture management - for comprehensive risk mitigation across multi-cloud identities, network, data, and workloads. Designed to improve productivity for overstretched security teams, Ermetic does the heavy lifting, combining sophisticated risk analysis with intuitive visualization, accurate prioritization and automated remediation. Even in the most complex environments, Ermetic makes it possible to reduce the cloud attack surface, enforce least privilege and protect sensitive data at scale. The company is led by proven technology entrepreneurs and is backed by Accel, Glilot Capital Partners, Norwest Venture Partners and Target Global.