Data Security Cloud Helps itpilot Establish a Secure, HIPAA-Ready Presence in the US Market
ITPilot managed to easily deploy their first U.S.-based hosting setup for their premium clients’ healthcare software application.
itpilot is a Danish software development and consulting house with over 25 skilled employees dedicated to developing quality software. Their core services include the development of websites, web shops, and applications. The organization helps customers integrate these solutions with their existing ERP and Pim systems or Data Warehouse and Business Intelligence environments. Developing and implementing customized IT systems, they help their global customer base accelerate their digital transformation and expand their online presence.
A vital asset of the organization is its ISAE 3402 certification, which is revised and renewed every year. This compliance guarantees that itpilot meets all legal requirements and international standards for IT security and quality. The certificate serves as a guarantee that itpilot is a reliable partner and hosting supplier for customers with demanding security, compliance, or regulatory requirements.
itpilot hosts its customers' web solutions and other products in their top-security hosting center in Viborg, Denmark, at competitive prices. To enable their secure hosting services on a global scale, the organization collaborates with hosting partners in Germany, Finland, the Netherlands, the U.S., and Canada.
“We were looking for a reliable partner to help us cater to the security and compliance needs of our U.S.-based customers. phoenixNAP’s flagship data center in Phoenix and their secure-by-design cloud infrastructure solution combined with their fast and professional response to our vital questions was the key factor for choosing them as our gateway to the U.S. market“
CHALLENGE
Before discovering Data Security Cloud, itpilot was looking for an affordable solution which would meet the needs of their U.S.-based client. To expand their footprint outside the EU and bring their IT close to their target market, they considered several options. The choice landed between leveraging colocation services or opting for hyperscale public and private cloud solutions. However, capex, poor security, and the inability to meet their strict compliance and regulatory requirements forced them to look beyond conventional cloud offerings.
High Upfront Costs with Colocation
For a small business like itpilot, building a secure and compliant IT infrastructure abroad was cost-prohibitive, especially offsite backup options that would ensure data availability. While choosing colocation in a compliance-ready data center was an option, it involved buying and configuring server hardware and paying for software licensing. With limited staff and budget resources, itpilot turned to public and private cloud options. They needed a secure cloud environment suitable for processing sensitive workloads while offering consistent performance for demanding client applications.
Lack of Security and Compliance with Conventional Cloud Solutions
itpilot found that popular hyperscale cloud solutions fall short of meeting their regulatory requirements for expanding their global reach. When it came to public cloud services, security and lack of visibility were deal breakers. As far as private cloud was concerned, most options were not HIPAA-ready or VMware-certified.None of the hyperscale providers offered advanced data protection and data backup systems built into their VMware-based solution.
Need for control, visibility, and technical support
Striving to offer secure hosting solutions at competitive prices, itpilot encountered difficulties finding a product to match their particular performance, security, and budget needs. They needed layered security services that are not typically integrated into popular cloud products. Their previously considered private cloud options came with a steep learning curve and significant monthly costs to operate and maintain. To seamlessly cater to the needs of their clients, itpilot needed single-pane-of-glass control over their environment and easy access to technical support staff. Hyperscale cloud providers offered live support, but it was often heavily gated and costly. This possibly meant hiring third parties to streamline the migration and management processes, increasing costs while decreasing visibility and control.
“Our team of 25+ developers operates on a different continent. So, we needed a secure cloud solution that will allow us to host our U.S. client’s healthcare application and at the same time give us control over our VMware environment. phoenixNAP’s HIPAA-ready platform offered us multiple layers of software and hardware-based data protection technologies at an unbeatable price point. Their staff helped us set up the environment and migrate our clients’ workloads to it, letting our teams focus on software development instead on solving infrastructure management complexities.“
SOLUTION
itpilot decided to run their client’s workloads on phoenixNAP’s Data Security Cloud (DSC) platform. They were searching for a cloud service provider that delivered turnkey access to a private cloud environment which meets their industry regulations and security demands. phoenixNAP’s Data Security Cloud turned out to be a perfect fit.
It gave itpilot easy access to industry-leading security-oriented technologies and made them available on an opex model. These included micro-segmentation, integrated cloud backups, software-defined networking (SDN), hardware-based encryption, and automated threat intelligence.
With VMWare NSX at its core, Data Security Cloud enabled itpilot to isolate virtual machines and contain the impact in case of network penetration or lateral threat movement.
Hosted in phoenixNAP’s enterprise-grade SOC-1, SOC-2, and SOC-3 audited facility in Phoenix, Data Security Cloud allowed itpilot to cost-effectively extend their market reach to the U.S. without the overhead of building and maintaining a secure in-house infrastructure.
From a security and compliance perspective, Data Security Cloud met itpilot’s requirements through:
- GDPR and Privacy Shield compliance - For data protection requirements when transferring data between the EU and the U.S.
- HIPAA-Ready product – Makes it easier to comply with federal HIPAA regulations and requirements.
- Multi-layered data protection – Hardware-enhanced data encryption, network micro-segmentation, endpoint protection, and integrated backups.
- PCI-DSS certification – Suitable for processing sensitive payment data.
- 24/7 on-site security – With professional staff, video surveillance, MFA, and mantraps.
- DDoS protection – Network-wide free 20 Gbps DDoS protection.
- Integrated Veeam Backup – For creating offsite backups to phoenixNAP’s data center in Ashburn, VA.
Relying on phoenixNAP’s in-house team of solution experts, itpilot managed to easily deploy their clients’ services into this secure-by-design Vmware environment. Using the Vmware Cloud Director, they gained complete visibility into their deployments. The single-pane-of-glass portal allowed for backup management as well as monitoring of all connected systems remotely. This helped itpilot teams focus on software development while knowing their client’s sensitive data and applications were safe and always available.
“We took various secure cloud solutions into consideration for our use case. None of them came with integrated backups, micro-segmentation, and renowned endpoint protection technologies. Data Security Cloud was unique in that respect and the fact that phoenixNAP is a certified Vmware partner assured us they have the technical know-how and resources we could easily leverage.“
BENEFITS
As a fully managed solution tailored to clients’ demands, Data Security Cloud gave itpilot’s developers access to the latest security, networking, and compute technologies. Choosing this platform for their expansion to the U.S. market delivered the following benefits to the organization:
- Compliance-ready infrastructure – On-demand deployment of a compliant, trusted, and reliable cloud infrastructure in the U.S.
- Unparalleled data security – Multiple layers of hardware and software-based data security for advanced protection and always-on availability.
- Visibility and costcontrol – Transparent and scalable plans with centralized access to the platform management portal.
- Hybrid cloud compatibility – Easy integration of on-prem infrastructure with Data Security Cloud using familiar VMWare tools.
- 24/7 technical support – Fully managed migration services, solution deployment, and customization support.
- Lower TCO — Fully secure VM environment without investing in expensive hardware or security systems.
- Quick and reliable scalability — Capability to deploy compliant cloud environments without infrastructure setup or management overhead.
itpilot opted for the Data Security Cloud Essentials solution plan but they can additionally strengthen their client’s security posture with industry-leading technologies. The platform’s Advancedplans include Sophos® Intercept and Detection and Response technologies, the market leaders in antivirus protection. Additionally, by activating the Managed Detection and Response feature powered by Alert Logic, itpilot can offer their clients early intrusion detection of malware and malicious activity in their network.
“phoenixNAP made Data Security Cloud available in multiple locations across the U.S. This gives us the freedom to expand our footprint while sticking to this battle-tested cloud solution. What’s more, their data center in Phoenix is home to other flexible and cost-effective cloud and bare metal solutions, which gives us opportunities for expanding the range of hosting services we can offer to our clients.“