Title:

NextStep HealthTech Cybersecurity Hardening

Our purpose was to identify opportunities for NextStep to bolster its cybersecurity practices. We initially assembled a list of services, devices and accounts used that could be compromised. We then decided to create CPU usage alarms on all running Cloud Server instances to check for abnormal activity on their servers. After this, we connected these alarms to a chatbot that sent notifications to NextStep’s internal communications software alerting the development team if something was awry. Now that baseline monitoring was in place, we decided to create a recurring backup schedule for their Cloud Databases. We were able to do this with a feature that will be a negligible cost per month for daily backups. The next logical step after this was to create recurring backups for their Cloud Storage. Unfortunately, their Cloud Storage software functionality for backups is still in beta, so we created a template that can be applied to create recurring backups as soon as it is available to them. Finally, we used an Open Source Security Audit Script (OSSAS) to assess NextStep’s Cloud Server security protocols. Our first run gave us an output of around 30% ‘passing’, and now we are up to 90%, implying that we have made security improvements that have increased coverage by 60%.

Name

Comment*

Comments are viewable only by submitter

Captcha*