Business opportunity

Over a million people annually depend on a U.S. public healthcare provider for regular check-ups, urgent care and specialized treatments such as organ transplants.

Across its state-of-the-art facilities, the organization uses a myriad of digital systems to run health screenings, dispense medication, and manage complex programs of care. Although the organization’s growing digitalization had increased operational efficiency and improved patient care, the complexity of its IT environment also increased the risk of cyber threats that could result in unplanned downtime.

The healthcare provider had a well-functioning Security Information and Event Management (SIEM) solution. However, they knew that sophisticated bad actors could take even well-defended production systems offline for weeks.

With lives on the line and strict regulations to uphold, the healthcare provider’s end goal was a continuously-operated minimum viable hospital, with the capability to handle disruptions in minutes.

Technical challenge

The healthcare provider operated from a primary data center, backing up data to a secondary site without the redundant systems needed to continue operations in case a catastrophic outage. That hot-cold disaster recovery model supported a Recovery Time Objective (RTO) of 31 days.  

The healthcare provider was experiencing data growth rates of 30% year-on-year. Their existing data protection solution was sometimes unable to complete backups within scheduled windows. Even with full backups, should a bad actor infiltrate the production environment, the healthcare provider did not know if and when their backups were also compromised. That vulnerability could complicate recovery from lesser disruptions and jeopardize recovery from a catastrophic outage.

Since the healthcare provider was already in the process of transitioning to a cloud-based electronic health record (EHR) system, modernizing their disaster recovery solution required cloud-readiness.

 

Our solution

Together, as an important step towards increased availability, the healthcare provider and Kyndryl co-created a future-ready disaster recovery solution that uses AI to proactively scan for threats in backups, and uses a single dashboard for both monitoring and recovery.

Kyndryl first reassessed the healthcare provider's overall recoverability thresholds in the event of a major outage, evaluating best-fit options for an IT estate that was on premises but would migrate onto a cloud platform. The healthcare provider chose the Kyndryl Rubrik Cyber Incident Recovery solution to cost-effectively and flexibly meet its current and future requirements.

Kyndryl experts and the provider’s IT team then partnered to migrate nearly 1,800 systems to Rubrik Enterprise on Microsoft Azure, where mission-critical EHR workloads would run. Rubrik’s immutable, cloud-archived and air-gapped data backup vaults support data integrity and recoverability, even in cases of total disaster at the production site.

The solution enables the healthcare provider to orchestrate the tasks that automatically recover the core systems needed to run a minimum viable hospital even before a full recovery finishes.

Through Rubrik’s AI capabilities, the solution also discovers unprotected data across the healthcare provider’s application estate and actively identifies anomalies in backed-up data. The solution has already alerted the healthcare provider’s Security Information and Event Management (SIEM) of two real threats in the early weeks of operation.