Customer Stories / Professional Services / United States
Enhancing Remote Access Security Using AWS Verified Access with Avalon
Learn how Avalon Healthcare Solutions enhanced security using AWS Verified Access.
1 hour
to set up secure remote connectivity instead of 1 day
700+ controls
for enhanced security and compliance
50
business users onboarded
Overview
Avalon Healthcare Solutions (Avalon), a provider of lab insights, wanted to give users secure and convenient access to business reports and health data through a web browser—without a VPN. Founded in 2013, Avalon has used a Zero Trust framework on Amazon Web Services (AWS) for its corporate applications from the beginning.
Avalon wanted to streamline its security processes while meeting the requirements of healthcare industry regulations. The company migrated to AWS Verified Access (AVA), which provides secure access to corporate applications without a VPN. Now, Avalon is simplifying identity verification, improving the user experience, and maximizing security and compliance under the AWS Shared Responsibility Model.
Opportunity | Using AVA to Enhance and Simplify Data Security for Avalon
Avalon aims to enhance clinical outcomes by helping health-plan and lab providers improve care through predictive analytics on digitalized lab results. The company has been using AWS and the Zero Trust model since the beginning. “Avalon was built with security first in mind, and we stick to this principle in everything we do,” says Eric Ellis, associate vice president of enterprise cloud technology at Avalon.
Business users and employees need secure remote access to reports for business and financial purposes. However, with the number of resources required for and the complexity of Avalon’s previous VPN solution, setting up new perimeter networks could take days. Avalon stores protected health information (PHI) using Tableau Server, an AWS Partner Solution. To support the Zero Trust model, Avalon siloes its business applications and Tableau Server. When trying to access resources, employees and business users had to sign in to different workspaces and VPNs and remember different passwords for each context.
Avalon needed to maintain strong security, streamline how users access reports and PHI, and uphold the Zero Trust framework. The company wanted users to have browser-based access on the edge instead of logging on to different cloud solutions. It began researching AWS solutions in May 2023 and adopted AVA in June. “We saw that not only could we use AVA to provide secure access to PHI, but we would also save the cost of trying to find another VPN solution, and we wouldn’t have to build additional infrastructure for other functionalities,” says Ellis.
Avalon deployed its new solution to production in September 2023. It also adopted Okta, an independent provider of identity for the enterprise and an AWS Partner. “We didn’t want to spend our money on building the data center that we needed as a healthcare company,” says Ellis. “On AWS, we can secure our PHI data.”
By using AVA, we’ve enhanced our security. The ease of use, level of security, and versatility of AVA are absolutely amazing.”
Eric Ellis
Associate Vice President of Enterprise Cloud Technology, Avalon Healthcare Solutions
Solution | Streamlining Identity Verification and Accelerating Perimeter Network Setup from Days to 1 Hour
Using AVA, Avalon’s employees access business reports by entering a specific URL in the browser and logging in once through Okta. Meanwhile, external users can access PHI from a browser without using a VPN. AVA supports modern protocols, such as OpenID Connect with Okta and OAuth, for authenticating users. When a user visits a Tableau URL to access Avalon’s data, AVA authenticates them by connecting to OpenID Connect with Okta. After verifying that the user has the proper permissions and is in an approved security group, AVA forwards them securely to Tableau. Finally, Tableau confirms with Okta that the user is signed in before it presents any data.
Avalon has also implemented single sign-on to make access even more convenient for users. “We’ve greatly improved the user experience since adopting AVA,” says Ellis. “We’re expanding our services and offering something that we couldn’t before.” Avalon has achieved all this while maintaining industry compliance. The company has annual audits that check more than 700 controls, and it fulfills the requirements of healthcare industry regulations.
As an extra layer of security, Avalon runs a firewall behind AVA. The company used to log hundreds of thousands of attempts to break through the firewall each day. But since implementing AVA, it sees significantly fewer attempts to reach the firewall. That’s because if a person doesn’t have the correct identity and access management permission, AVA immediately blocks access. “By using AVA, we’re protecting our on-premises resources that are being accessed through the web,” says Juan Suarez, senior information security analyst at Avalon. “We have a centralized gatekeeper to these resources, and we can control access.”
Avalon has also streamlined the process of setting up remote connectivity to applications, which used to take 1 day or more. Now, engineers can do this in about 1 hour. And the company has increased the number of users that can access data from a browser. After onboarding 50 business users to AVA by February 2024, Avalon expects this number to grow quickly. “We’ve made Zero Trust a lot simpler and quicker to implement by using AVA,” says Ellis. “We’re doing things that we’ve never done before—for example putting a reporting server such as Tableau on the edge so that users can display it in a browser.”
While it implemented AVA, Avalon engaged AWS Enterprise Support, which provides a comprehensive suite of resources, including proactive planning, communication channels, and 24/7 expert support. “AWS is outstanding in terms of support mechanisms, resources, and teams,” says Ellis.
Outcome | Connecting More Applications to AVA
Avalon has increased the number of employees and business users who can access data from a browser. Next, the company plans to migrate more applications, such as event management, file transfer, and business intelligence, to AVA.
“By using AVA, we’ve enhanced our security,” says Ellis. “The ease of use, level of security, and versatility of AVA are absolutely amazing.”
About Avalon Healthcare Solutions
Founded in 2013, Avalon Healthcare Solutions provides lab insights to enhance clinical outcomes by helping health plan and lab providers improve care through predictive analytics on digitalized lab results.
AWS Services Used
AWS Verified Access
Built on Zero Trust guiding principles, AWS Verified Access validates every application request before granting access. Verified Access removes the need for a VPN, which simplifies the remote connectivity experience for end users and reduces the management complexity for IT administrators.
AWS Enterprise Support
AWS Enterprise Support provides a comprehensive suite of resources, including proactive planning, advisory services, automation tools, communication channels, and 24/7 expert support.
More Professional Services Customer Stories
Get Started
Organizations of all sizes across all industries are transforming their businesses and delivering on their missions every day using AWS. Contact our experts and start your own AWS journey today.