Medibio

We helped Medibio scale its technology platform ilumen™ while boosting its security and increasing its stability.
Provided Services
Web Development
Mobile Development
Quality Assurance
Cloud Services
MEDIBIO AT A GLANCE

Taking an Objective Look at Mental Health

Medibio is a mental health technology company that envisions a world where data empowers mental wellness. One of Medibio’s technology platforms, ilumen, is a corporate mental wellbeing product that utilizes assessments and biometric analysis to provide feedback to users. The platform also provides users with links to resources which may provide helpful information to improve mental wellbeing.

 

Medibio came to MentorMate in late 2019 with a program of work to scale ilumen, migrate it to a new AWS platform, boost its security, and add feature enhancements.

“Medibio’s purpose is to find the link between physiologic measures and mental health. Our product ilumen looks at mental wellbeing from both a personal and organizational standpoint. For individuals, ilumen can help them enhance their mental wellbeing. Organizations can look at the mental wellbeing of their organization’s health through anonymous data from users and identify geographic or departmental hotspots where people are registering heightened levels of stress.”

Mark Anderson

Principal Quality Medical Affairs Specialist

SCALING AND ADDING SECURITY WITH AWS

Building for Security and Data Privacy and Preparing for Growth

Since ilumen manages a lot of user data, we built it securely and in line with standards for data security and data privacy. When working with Medibio to choose a cloud provider for ilumen, we guided them towards AWS. We made this choice because AWS allows businesses and organizations concerned with privacy and data protection to manage their users’ data effectively and keep it private and secure.

 

We took an infrastructure as code (IaC) approach while building ilumen and its underlying infrastructure. Using IaC to deploy and configure the needed AWS services makes the process visible, auditable, and repeatable from end to end. As we were building, we also kept the Well-Architected Framework in mind and addressed the Security, Reliability, Performance Efficiency, Cost Optimization, and Operational Excellence pillars.

 

We architected and implemented the deployed workload using only services that met Medibio’s needs for privacy and data protection. It is also designed to handle variable traffic and is more than ready for high growth.

“We engaged MentorMate to add additional security features and enhancements to our ilumen product. As part of that effort, we worked with the MentorMate Cloud Center of Excellence and DevOps teams to migrate our application to a new AWS cloud platform that takes advantage of better security improvements, enhancements, and an overall better structure.”

Tony Broich

Director of IT Development

The AWS Nuts and Bolts of ilumen

AWS ECS Fargate and EC2 are at the core of the solution build. Ongoing security and compliance are implemented with AWS Security Hub, while AWS GuardDuty is used for threat detection and as a network IDS. We used Bitbucket Pipelines to build continuous delivery (CD) pipelines, automating the software delivery process.

 

This solution means critical workloads are deployed and users’ data is securely stored and transmitted, with encryption both at rest and in transit. MongoDB workloads inside the AWS public cloud store the sensitive data.

 

By implementing continuous delivery (CD) pipelines, we made the application deployment fully auditable and traceable. Using AWS ECS Fargate and autoscaling, we quickly produced a working solution that was secure, scalable, stable, and cost-efficient.

 

Other services used in the ilumen build include AWS Route 53 for reliable DNS service and Elastic Load Balancer with AWS Web Application Firewall in front of the web traffic. Having AWS WAF face the HTTP/HTTPS traffic narrows the available attack vectors, mitigates bad actor behavior, and improves the overall security posture. The web APIs and user portals are orchestrated by AWS ECS Fargate.

 

AWS Fargate made the Docker deployment very fast. It also integrated very well with Parameter Store, where all container secrets are kept encrypted. Docker images are scanned for vulnerabilities on push by AWS ECR.
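A check a reviewer could run against this kind of setup, as an added example rather than MentorMate's or Medibio's code: it audits the JSON shapes returned by `aws ecs describe-task-definition` and `aws ecr describe-repositories`, flagging credentials passed as plaintext environment values, secrets not referenced by a Parameter Store ARN, and repositories without scan on push. The name pattern, account ID, and all sample data are constructed assumptions.

```python
import re

# Heuristic for variable names that usually carry credentials (assumption of this example).
SECRET_NAME = re.compile(r"(PASSWORD|SECRET|TOKEN|API_?KEY|MONGO.*URI)", re.I)
# Full Parameter Store ARN, the reference form this example expects in `secrets`.
SSM_ARN = re.compile(r"^arn:aws:ssm:[a-z0-9-]+:\d{12}:parameter/.+")

def audit_task_definition(task_def):
    """Audit the `taskDefinition` object from `aws ecs describe-task-definition`."""
    findings = []
    for c in task_def.get("containerDefinitions", []):
        # `environment` values are stored in plaintext in the task definition.
        for env in c.get("environment", []):
            if SECRET_NAME.search(env["name"]):
                findings.append(f"{c['name']}: {env['name']} is a plaintext environment value")
        # `secrets` entries are resolved at container start from `valueFrom`.
        for s in c.get("secrets", []):
            if not SSM_ARN.match(s["valueFrom"]):
                findings.append(f"{c['name']}: {s['name']} does not reference a Parameter Store ARN")
    return findings

def audit_repository(repo):
    """Audit one entry of `repositories` from `aws ecr describe-repositories`."""
    scan = repo.get("imageScanningConfiguration", {}).get("scanOnPush", False)
    return [] if scan else [f"{repo['repositoryName']}: scanOnPush is disabled"]

# Constructed sample data (not taken from any real account).
BAD_TASK = {"containerDefinitions": [{
    "name": "api",
    "environment": [{"name": "LOG_LEVEL", "value": "info"},
                    {"name": "MONGODB_URI", "value": "mongodb://user:example@db.internal/app"}],
    "secrets": [{"name": "JWT_SECRET", "valueFrom": "jwt-secret"}]}]}
GOOD_TASK = {"containerDefinitions": [{
    "name": "api",
    "environment": [{"name": "LOG_LEVEL", "value": "info"}],
    "secrets": [{"name": "MONGODB_URI", "valueFrom":
                 "arn:aws:ssm:eu-west-1:111122223333:parameter/example-app/mongodb-uri"}]}]}
BAD_REPO = {"repositoryName": "example-api", "imageScanningConfiguration": {"scanOnPush": False}}
GOOD_REPO = {"repositoryName": "example-api", "imageScanningConfiguration": {"scanOnPush": True}}

if __name__ == "__main__":
    for finding in audit_task_definition(BAD_TASK) + audit_repository(BAD_REPO):
        print("FINDING:", finding)
```
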

 

To ensure continuous compliance, we set up AWS Security Hub with alarms that notify our support team of any changes. The AWS SSO service is used for signing in to Medibio’s multiple AWS accounts, enforcing two-step authentication. It also works as the identity provider for VPN user access. The Business Intelligence workloads run on AWS EC2 with configured status alarms.

 

All of this gives the ilumen platform a very high level of resiliency.

"The work that we’ve done with MentorMate over the last six months has helped us make our platform more stable and has really helped position us to sell ilumen on a global scale now that we have enhanced infrastructure and security in place."

Tony Broich

Director of IT Development