Download PDF
Zscaler > Case Studies > Jefferson Health's Cloud-First Model Transformation with Zscaler Workload Posture
Zscaler Logo

Jefferson Health's Cloud-First Model Transformation with Zscaler Workload Posture

Technology Category
  • Cybersecurity & Privacy - Cloud Security
  • Infrastructure as a Service (IaaS) - Public Cloud
Applicable Industries
  • Healthcare & Hospitals
  • National Security & Defense
Applicable Functions
  • Product Research & Development
  • Quality Assurance
Use Cases
  • Cybersecurity
  • Tamper Detection
Services
  • Cloud Planning, Design & Implementation Services
  • Cybersecurity Services
The Challenge
Jefferson Health, a rapidly expanding multi-state non-profit health system, was faced with the challenge of supporting its rapid institutional growth, a cloud-first strategy, and M&A activity in the highly regulated healthcare industry. As one of the fastest-growing health systems in the U.S., Jefferson Health began adopting a cloud-first strategy to facilitate achieving its patient care and business goals. This transition necessitated the modernization of its cybersecurity posture approach. To support its growth while retaining its patient care excellence, Jefferson Health took a highly quantitative approach to managing risk. This analytical process led the healthcare system to accelerate its cloud-first, multi-cloud, adoption, including Amazon AWS, requiring the security operations team to swiftly deploy zero trust cloud security services. It was also critical to ensure cybersecurity posture was maintained while supporting organizational agility for embarking on new development and strategic ventures.
About The Customer
Jefferson Health is a rapidly-expanding, multi-state non-profit health system with locations in Pennsylvania, New Jersey and Delaware. Established in 1825, the system’s flagship is Thomas Jefferson University Hospital, which also serves as one of the system’s 14 teaching hospitals. Jefferson Health is considered a top facility on U.S. News & World Report’s annual listing of the best hospitals and specialties. As one of the fastest-growing health systems in the U.S., Jefferson Health began adopting a cloud-first strategy to facilitate achieving its patient care and business goals. With this transition came the need to modernize its cybersecurity posture approach.
The Solution
Upon evaluating a variety of cloud security posture management (CSPM) solutions, Zscaler’s Workload Posture quickly rose to the top. Using Zscaler Workload Posture, Jefferson Health receives continuous visibility of security, compliance, and risk posture; the ability to enforce standards via guided and auto remediations; and governance automation by setting policies, exceptions, and integrations with other IT and risk management solutions. The company can also go beyond simply identifying misconfigurations by using Workload Posture’s ability to prevent them from happening in the first place. Provided coverage spans IaaS, PaaS, SaaS and Kubernetes container environments. In addition, organizations with regulated cloud workloads like Jefferson Health are able to get instant visibility into their security posture, along with the capability to enforce compliance with applicable regulations, data protection laws, and security standards. This assists with adhering to strict Health Insurance Portability and Accountability Act (HIPAA), Protected Health Care Information (PHI) guidelines and other regulations.
Operational Impact
  • With the deployment of Zscaler’s Workload Posture, Jefferson Health was able to establish a secure workload posture across multiple clouds including AWS. This enabled business innovation, rapid growth and a cloud-first approach. The solution also provided the ability to compare SaaS and public cloud application configurations to industry and organizational benchmarks. It also receives granular violation reports and can automate remediation according to established best practices. As a result, Jefferson Health now has the visibility into whatever cloud workloads appear next, easing cybersecurity burdens. This has empowered the cybersecurity team with the agility to support rapid business innovation and support business acquisitions while maintaining regulatory compliance.
Quantitative Benefit
  • Achieved visibility and automated metric generation on the first day
  • Doubled compliance scores and established a governance baseline within the first four weeks
  • Achieved immediate risk assessment and continuous automated remediation capabilities

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.