About The Client
The client is a leading healthcare provider in Australia looking to build a SaaS-based system that enables a new, highly disruptive business model – a mobile, anywhere/anytime solution that enables doctors, specialists, practice managers, and support staff to securely access and update their appointments, patient records, consult notes and lab test results from any digital device that has an Internet connection.
The Overview
The client's business needs to store healthcare information for patient records and, because of the SaaS-based model, must process thousands of requests per day.
The cloud-based software must balance data sharing among healthcare professionals and admin staff with protecting patient information and personal data (for example, identification numbers, photos, etc.). Without secure IT systems and web applications, the facilities are considered incomplete.
The Challenge
- The client's product faced continuous security threats and challenges due to the nature of the data.
- The security challenges included HTTP flood attacks and DDoS attacks, which also led to product downtime.
- Malicious activity was found during off/down hours, along with bad IP addresses trying to access the system data.
- The client's concern was to protect the product against bots that were flooding the website with traffic and to guard the site against SQL injection attacks.