iKooB Clinic is a digital patient education platform that can effectively provide medical consultation and education during medical treatment.
Doctor : Doctors can check the patient list and medical records. And they can manage and educate patients according to their own diseases.
Patient : Digitization of medical care, counseling and education enables patients to deeply understand their own diseases and receive their own health care books.
In the past few years, iKooB used domestic private cloud. There were a limited number of third party products available, which made it difficult to select. In addition, It was difficult to allocate or free resources cope with the rapidly increasing traffic. This unstructured part was one of the major factors that neglected security.
The company requires public cloud specific security because it handles personal medical information in AWS. Public-data-protection laws and Mydata laws and the upcomming Data-3 laws raised the need to better address their compliance and security requirements. The efforts in security are seen as a clear competitive advantage at iKooB.
They wanted to make security configuration effective and safe using some part of IT budget, and needed to change security configuration using third party product.
"Agile and fast service is important, but security is more important because there is a lot of sensitive personal information.“
-iKooB CTO Hyunyoup
Instead of deploying NMS, SMS and integrated monitoring separately, We applied integrated monitoring using AWS CloudTrail and AWS GuardDuty. The monitoring rules were very simple and the bestpractice allowed for quick deployment without trial and error. In addition, we have established a detection system for the history of personal information using Lambda. An alarm is triggered when access is made from an unauthorized account, the inquiry volume increases during business hours, or when data is retrieved from a place outside the office. When the unexpected traffic spikes, the resources of the web are sufficient, but the resources of the application and DB are insufficient. This was solved by applying AWS Auto Scaling, and the resources to be identified are also applied to the monitoring system automatically. Sensitive information is encrypted by the encryption algorithm in the application, and sensitive information is encrypted using AWS Key Management Service. AWS KMS also integrates with AWS CloudTrail to provide a log of all key usage to help you meet regulatory and compliance requirements. AWS IAM was used to completely control access to services and resources. Data was protected by separating permissions into users, groups and roles, policies. The principle of least privilege could be effectively followed.
In the event of surging traffic, the server can be expanded by auto scaling, and the cost can be saved by reducing the number of servers when the server is not in use. AWS Auto Scaling has reduced server operating costs by about 30% compared to models designed for high-traffic times. By using AWS GuardDuty and AWS KMS services to build a security system, third party purchasing costs can be reduced by 80% annually and deployment time can be reduced by 20%. It is necessary to configure security according to desired business characteristics in various medical services, and security can be configured flexibly by building security on its own. The savings also resulted in regular vulnerability consulting from a cloudsec security team. These security-configured services have become a driving force in providing confident services in the medical mobile field dealing with sensitive information.
Total Security Service
for clients’ business success
· Customized security consulting
: Establishes and implements master plan for security
· Convergence Security
: Plans systematic and secure business environment