Intro

For healthcare institutions, cloud-based solutions are becoming an increasingly attractive option. Successful cloud transformation reduces costs and allows for higher levels of flexibility and security. Our dedicated team of experts helps healthcare organizations design and build safe, scalable, and highly reliable cloud-based solutions on AWS in a fast and most efficient manner.

The client: Vivy –  the leading digital health platform

Vivy is a subsidiary of Allianz SE, a leading international insurance group based in Berlin. It’s a young company founded in Germany in 2017. Since then, its mission has been to create a solution that helps users better manage their health and control their sensitive health data. As a result, Vivy built an application that allows checking how healthy the user is currently living. The app also gives valuable tips on enjoying a healthier life and safely storing your health data.

 Already hundreds of thousands of people trusted Vivy and installed their app while the company itself spreads the new markets (Germany, Malaysia and Columbia at the moment).

Key challenges: Reliability, compliance and security are critical

Vivy is subject to strict compliance and governance regulations as a digital health platform stemming from Germany.

Vivy’s healthcare app comes under strict legal requirements is making data safety-critical. Any failures in this area could lead to severe consequences. Reliability, high availability and security are necessary to meet legal regulations and gain users’ trust. Medical data is vulnerable, so keeping it safe was a pillar of our job. All information stored should be encrypted and access to it strictly regulated.

The solution: The migration of healthcare application to Kubernetes clusters

Our team helped Vivy navigate those issues while working on modernizing their environment following DevOps best practices – including migration of their entire codebase and infrastructure to a globally scalable infrastructure as code model.

A multi-account AWS Organization with a secure and highly available network infrastructure was created to separate workloads based on different security and high availability needs based on client needs.

Using multiple AWS accounts helps isolate and manage business applications and data, which is critical from scalability, reliability, and security. AWS Single Sign-On makes navigation around them pleasure while still allowing fine-grained permission setup.

On the other hand, the foundation of high available cloud solutions is a well-designed network that at the same time allows interconnectivity between VPCs located on different accounts while keeping them fully isolated if needed. This was achieved by using separate Transit Gateways for production and non-production environments. Vivy is planning to release the app to the new markets. Logical isolation between region environments using separate AWS Accounts and Transit Gateways route tables for each region is achieved.

These were fundamentals for the next steps, including migrating the microservices to the AWS Managed EKS clusters backed up by encrypted S3 Buckets, DynamoDB and RDS databases for data storage and protection.

Many AWS services increase the security of the created infrastructure. Starting from Service Control Policies restricting the available services and AWS regions, VPC Flow Logs captures the IP traffic ending up on Organizations level CloudTrail logs. All the logs are stored on encrypted S3 buckets on separate AWS accounts.
Furthermore, Fluent Bit DaemonSet on EKS clusters sends the cluster logs to CloudWatch Logs while deployed microservices are integrated with Amazon CloudWatch Container Insights.

The above was created using Terraform in the role of infrastructure as code tool.

The Results: The client’s new infrastructure operates successfully on a secure AWS environment

Thanks to our experienced engineers, the client has a safe, efficient and reliable infrastructure available to users 24 hours a day without any downtime. Migrating the application to the cloud means that the customer doesn’t have to worry about security and compliance with regulations.

We have built a secure and manageable AWS-based infrastructure that can be easily scaled as the application grows. Vivy can focus on developing its core business, be more competitive and grow rapidly with the cloud.

About Tameshi

We help you navigate the cloud and build the right architecture that meets your specific business needs. Our experts take your business into the world of clouds in a safe and predictable way.

We are an AWS Advanced Consulting Partner, so we can help you get real value out of the cloud. At Tameshi, we have a strong team of certified engineers with AWS-ome skills, a high level of expertise and in-depth knowledge of technologies delivered by AWS. We can’t wait to guide new clients on how to benefit the most from the AWS cloud.

We can build great things together. Get in touch with our cloud experts.