Indonesian Healthcare SaaS Provider Strengthens IAM and TD&R with AWS and MDR
Healthcare-focused SaaS provider that supports thousands of pharmacies and clinics across Indonesia with cloud-based solutions for managing drug inventory and finances. As the business scaled, it needed stronger IAM controls and cyber defense capabilities to safeguard critical health data, maintain uptime, and meet compliance standards.
About the Customer
Healthcare-focused SaaS provider that supports thousands of pharmacies and clinics across Indonesia with cloud-based solutions for managing drug inventory and finances. As the business scaled, it needed stronger IAM controls and cyber defense capabilities to safeguard critical health data, maintain uptime, and meet compliance standards.
Customer Challenge
The customer operated a large and complex IT ecosystem with significant workloads on AWS. Key challenges included:
- Limited visibility across distributed AWS resources, making it harder to detect threats in real time.
- Slow response times to incidents (30–45 minutes on average), increasing the risk of damage.
- Difficulty synchronizing user attributes and group-based access control across AWS accounts.
- Manual provisioning and de-provisioning created risks of orphaned accounts and unauthorized access.
Partner Solution
In collaboration with PT Innovation Cloud Services (ICS Compute), an AWS Advanced Consulting Partner, the customer implemented a cloud-native Managed Detection and Response (MDR) framework, combining IAM and TD&R:
- AWS IAM Identity Center (SSO)
- AWS IAM Identity Center serves as the central identity provider.
- Employees authenticate with existing credentials for seamless single sign-on to AWS resources.
- AWS Identity Center SCIM integration ensures real-time user lifecycle management.
- Endpoint Protection with CrowdStrike Falcon Complete
- Delivered 24/7 threat detection and automated response using AI-driven analytics.
- Provided full MDR capabilities across AWS workloads with proactive defense against ransomware, malware, and other advanced threats.
- Automated Deployment with AWS Systems Manager
- Automated rollout of CrowdStrike Falcon sensors on all Amazon EC2 instances.
- Ensured new EC2 workloads are protected from the moment they are launched, eliminating manual configuration risks.
- Centralized Monitoring with AWS Security Hub
- Unified security findings from Amazon GuardDuty, IAM Access Analyzer, AWS Config, and other AWS services.
- Provided a single-pane-of-glass view of the customer’s AWS security posture with remediation recommendations.
- Incident Response Automation
- Leveraged automation to contain and remediate incidents within minutes.
- Security teams were notified in real time and empowered to act faster.
Results and Benefits
The joint AWS Services and CrowdStrike solution delivered measurable improvements:
- 50% reduction in IAM management effort, freeing IT resources for higher-value work.
- Threat detection reduced to under 1 minute (from 30–45 minutes previously).
- Incident response time cut from several hours to <5 minutes, minimizing business disruption.
- 60% faster visibility into AWS security posture, reducing analysis from 2–3 hours to under 1 hour.
- Automated agent deployment eliminated security gaps on newly provisioned EC2 instances.
About the Partner
PT. Innovation Cloud Services (ICS Compute) is Indonesia’s first AWS Advanced Consulting Partner, specializing in secure cloud adoption, modernization, and managed services.
Recognized with AWS Competencies in Migration & Modernization, DevOps, Resilience, and Generative AI, ICS Compute helps enterprises transform operations with scalable, secure, and compliant AWS solutions.