Securing Apps and APIs in 2023:
See Wallarm Demo for CISOs and Practitioners!
Wallarm logo
Close
Privacy settings
We use cookies and similar technologies that are necessary to run the website. Additional cookies are only used with your consent. You can consent to our use of cookies by clicking on Agree. For more information on which data is collected and how it is shared with our partners please read our privacy and cookie policy: Cookie policy, Privacy policy
We use cookies to access, analyse and store information such as the characteristics of your device as well as certain personal data (IP addresses, navigation usage, geolocation data or unique identifiers). The processing of your data serves various purposes: Analytics cookies allow us to analyse our performance to offer you a better online experience and evaluate the efficiency of our campaigns. Personalisation cookies give you access to a customised experience of our website with usage-based offers and support. Finally, Advertising cookies are placed by third-party companies processing your data to create audiences lists to deliver targeted ads on social media and the internet. You may freely give, refuse or withdraw your consent at any time using the link provided at the bottom of each page.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Reject All
Cookie SettingsCookie Settings
Accept AllSave Selection
Wallarm
>
Resource Library
>
MedNet Case Study
Case study

MedNet Case Study

Promise to customers: high usability and ePHI/HIPAA protection

When clients asked for increased protected health information (PHI) security, MedNet took the opportunity to go even further. They set their minds to finding a solution that would strengthen security for PHI and HIPAA compliance and streamline their overall security processes—all as they migrated to the cloud.

MedNet’s customers require absolute data privacy. For nearly 20 years, MedNet has been supporting clinical research initiatives for partners worldwide who work with highly sensitive information in biotech, pharmaceuticals, medical devices, and animal trials. MedNet’s electronic data capture (EDC) product, iMedNet, is the customer favorite of the e-clinical technology platforms MedNet offers. It helps science and healthcare professionals and clinical trial services securely utilize highly sensitive data from pre-clinical through phase IV studies. Among favorite features are high usability and configurability wherever customers are based.

The challenge for MedNet was to balance iron-clad confidentiality around PHI with a high level of usability for their EDC.

PHI protection + HIPAA & Client data

To increase the usability of their EDC, iMedNet would migrate to AWS. MedNet needed the ability to totally monitor and secure iMedNet in the cloud, even as it grew in users or varied in traffic. Risk-savvy clients requested a Web Application Firewall and API protection for protection and assurances about data privacy.

Several WAF competitors met the requirements but required the traffic to be routed through their proxy servers. The catch was routing through their proxy servers required the execution of a BAA agreement and incurred higher costs.

MedNet decided to test a WAF built for AWS by Wallarm. It wasn’t the most obvious or expensive solution at the start. But it met their criteria. The right security solution would:

  • Protect customer PHI
  • Advance and streamline HiPAA compliance
  • Keep the business pipeline moving swiftly—easily integrating into their processes and toolset while scaling with them as they grow.

Performance testing

MedNet initially deployed Wallarm as a proof of concept to ensure it would meet with internal requirements, including performance testing with iMedNet to be sure that the WAF did not introduce a bottleneck.

MedNet’s Stack

The MedNet team chose to first deploy the Wallarm as a docker container, then configure both it and the NGINX proxy. Next, the team put logging and monitoring in place to guarantee issues could be identified and fixed as quickly as possible.

Once operating, MedNet found the Wallarm easy to support. They collected the log files and shipped them to Sumo Logic.

In testing, Wallarm quickly identified a couple of key items to watch for. The operations team identified these as leading indicators of potential issues to come. The identified types of alerts were used to prompt a proactive restart of the containers.

The WAF’s proof of concept won Wallarm a place in the MedNet security stack. Performance testing had proven Wallarm for AWS a better solution, made easier.

  • AWS EC2 instances in multiple regions
  • Micro-services infrastructure with Docker’s containers
  • Sumo Logic SIEM
  • Container management tools

The tech: Wallarm over other Solution

In addition to compliance and security assurances for iMedNet in AWS, there were solid reasons MedNet listed as to why it chose Wallarm over some of its competitors. Here is what they said:

  • Managed service makes the most of resources
    MedNet doesn’t have spare security expertise in-house. Managed service meant Wallarm’s security professionals could monitor traffic to and from iMedNet—saving money and freeing security teams for more essential oversight.
  • No external proxy servers (helps HIPPA)
    Wallarm leverages proxy servers on MedNet’s own infrastructure to concentrate traffic at a central point. These proxy servers may have PHI data on them because they terminate SSL connections, which means they can examine the contents of the network flow. (It’s also when the Wallarm node examines the traffic flow)
    No BAA is required using Wallarm since the Wallarm servers are deployed on MedNet Infrastructure. That saves money and helps with HIPAA.
  • Ease of use: deployment to upkeep
    The Wallarm solution is simple to deploy and update.
    MedNet’s chose to use the Wallarm Docker container deployment option. Containers are easily deployed to multiple servers behind load balancers. It allows MedNet to rotate in new Wallarm servers behind the load balancers while Wallarm drains traffic off old Wallarm servers. No downtime.
    Wallarm lets MedNet react quickly to identified vulnerabilities while minimizing impact on their operations.
  • Comprehensive, real-time security
    Wallarm’s powerful AI engine provides an overview of traffic, information about attacks and incidents, and vulnerability scanning fast.
    The web-based management interface provides a nearly real-time view of both the traffic being managed and information about attacks and incidents that may be happening. Wallarm also provides vulnerability scanning, checking exposed IP addresses it associates with MedNet Solutions.


The ability to meet HIPAA guidelines for PHI compliance and to be able to provide the service at a reasonable price point were important in the decision to go with Wallarm. WAF and API security is very important to help manage and support a complex application such as iMedNet.

Gary Johnson, Infrastructure Architect
panasonic logo
miro logo
rappi logo
semrush logo
tipalti logo
wargaming logo
gannett logo
acronis logo
uz leuven logo
workforce logo
sunquest logo
omio logo
RESOURCES
Ready to protect your APIs?

Sign up for free. Get started in minutes.

Book Demo
wallarm logo 2
Wallarm Security Platform
API Security Platform OverviewAPI Threat PreventionAPI DiscoveryCloud-Native WAAPSecurity TestingIntegrationsDeployment
Solutions by Cloud
AWSGCPAzureKubernetes
Solutions by Industry
API Security for HealthcareAPI Security for FintechAPI Security for RetailAPI Security for Technology
Resources
Resource LibraryWhitepapersDatasheetsCase StudiesWebinarsLearning CenterCloud Native Products 101GlossarySupport
Featured Resources
API Security ChecklistTop Five Challenges in Protecting APIsA CISO's Guide to Cloud Application SecurityWallarm for KubernetesAPI Security Trends. Quarterly Review of API Vulnerabilities
Learn Wallarm
DocumentationAPI specsTerraform Provider
Terms of ServicesPrivacy PolicyCookies PolicySecurity Bug Bounty ProgramSoftware License AgreementService Level Agreement
->
Cookies Settings
2023
©
188 King St. Unit 508,

San Francisco,
CA,
94107
(415) 940-7077request@wallarm.com
AICPA logo