IntelyCare

IntelyCare uses Tenable Cloud Security to automate risk remediation and least privilege

Overview

IntelyCare is the most comprehensive healthcare talent platform, enabling care settings of all kinds to promote their unique value and work opportunities to the largest community of qualified nurses. By allowing nurses to construct the optimal workforce situation to fulfill their career and lifestyle goals, and enabling facilities to create the optimal workforce mix, IntelyCare helps overcome the healthcare labor crisis and elevate care for all.

Challenge

A cloud-native healthcare technology enterprise, IntelyCare develops and runs its business across multiple AWS accounts. Huge recent growth in its client and user base, and use of healthcare data, make its cloud platform vulnerable to bad actors.

Explained Larry Viviano, Director of Information Security, IntelyCare, “We are a prime target for identity thieves because our telecare employees upload sensitive data — protected personal information like patients’ COVID tests, shots and medical records.”

Viviano had a clear vision for protecting his organization’s cloud infrastructure, starting by aligning it with Center for Internet Security (CIS) benchmarks. “One of the rst things CIS asks about is your software and hardware inventory.” To address this need, Viviano sought visibility into all the inventory components in IntelyCare’s complex cloud environment. He also aimed to automate risk mitigation. “My big thing is automation. We’re a small security team trying to do a lot — I utilize tools to supplement people and increase productivity.”

Explained Viviano, “Over the years I’ve been burned by many automation tools claiming to do what they can’t and that break production. It gives security practitioners a bad rap with DevOps, who don’t want security to break their systems.” To put his goals into play Viviano wanted his cloud security stakeholders on board — he sought their trust.

Solution

Recalled Viviano, “I started looking at [Tenable Cloud Security] at a previous company and saw it offered visibility into access and privileges typically seen by only DevOps, engineering or infrastructure. [Tenable] let me see deeply and show stakeholders how we could take work off their plates — this was the rst use case, and you guys knocked it out of the park.”

IntelyCare’s security team started deploying Tenable Cloud Security in one of its staging environments, focusing on the highest risks, which the platform prioritizes by severity. “[Tenable] identies risks and tells you what to do about it — this prescriptive approach is awesome in helping explain to a lot of different groups what needs to be done,” explained Vivano. “We built condence in security to the point where we said, ‘Let’s start remediating some of our AWS risk issues.’ Using [Tenable Cloud Security] we removed all over privileged congurations for IAM users and then for services; we did all the automatic remediation we could, and in two months. It didn’t break anything so we continued the momentum, working down the list, eliminating more risks.”

Viviano continued: “Since security personnel don’t use AWS at that level we’re using [Tenable] as a collaboration tool for passing a clear remediation playbook to relevant parties for their easy execution. We open a security ticket in [Tenable Cloud Security], assign it to our Jira workflow, and voila.”

The platform is supporting IntelyCare’s security strategy. Noted Viviano, “We need to keep our CIS benchmarks green. This is where [Tenable] is helping by giving more than just a window into our cloud identities; it gives insight into miscongurations that affect benchmarks so need remediating — and then lets us remediate.” As part of its CIS benchmark initiatives, IntelyCare also recently rolled out multi factor authentication — one more of many risk factors that Tenable tracks.

IntelyCare is now expanding its Tenable Cloud Security deployment across all its AWS environments, including Kubernetes and production. Explained Viviano, “[Tenable Cloud Security] is key for letting us know how our AWS environments are being used. The alternative would be extremely manual, such as going to DevOps for lists of VMs, then trying to gure out the risk and how to secure it.” He continued: “What [Tenable] can show me and let me do in minutes would have taken two or three security people months to do. Candidly, that’s where I think [Tenable] gives return on investment: by automating those things and giving snapshot visibility.”

Viviano concluded: “We’ll next start using [Tenable Cloud Security] recommended policies. We’re a company that really wants to be least privilege — and [Tenable] is helping get us there. The solution is giving visibility, and letting security gain trust and build collaboration with DevOps and other teams to mitigate identity risk. That’s how I win at my security goals for the company.”

About Tenable Cloud Security

Tenable Cloud Security is the actionable cloud security platform (CNAPP), rapidly exposing and closing priority security gaps caused by misconfigurations, risky entitlements and vulnerabilities. These weaknesses are the epicenter of cloud risk. Tenable is a world leader at isolating and eradicating these exposures at scale across infrastructure, workloads, identities, data and AI services.