Nurx is a telehealth service with licensed medical professionals, pharmacies, and labs. They are making healthcare more accessible to everyone from the comfort of their home. Through their website and mobile app, users can get a prescription from a doctor and have their medication delivered right to their door. Nurx chose the Heimdall Database Proxy and Amazon RDS for Postgres because of its ability to securely authenticate and authorize users to the database. In this blog, learn how this joint AWS solution met the requirement of secure data access.
Nurx used JumpCloud as an authentication system. JumpCloud’s open directory platform makes it possible to unify technology stacks across identity, access, and device management, in a cost-effective manner that doesn’t sacrifice security or functionality. The Nurx team had the choice to either manually program user credentials and privileges on the Postgres database, or leverage their existing JumpCloud infrastructure with added software development.
Nurx chose The Heimall Database Proxy for its ability to authenticate and authorize users with the LDAP protocol. It was the perfect candidate to integrate JumpCloud with Amazon RDS for Postgres.
For LDAP, group membership data is stored in addition to user authentication data. Users may belong to one internal group and not another. Group membership is often neglected in database offerings. The Heimdall Proxy full integration with LDAP allowed the authentication of users and removed the burden to manage users on the databases. Instead of preconfiguring users, the Heimdall Proxy synchronized user information from LDAP into the database so that access control was maintained.
Heimdall Proxy provided granular auditing This benefits the IT teams by:
- Integrating data access control with existing user management processes.
- Immediate access termination when a user leaves the group.
- Password reset is automated without additional help desk personnel.
- The synchronization routine creates an audit log of who accessed what data and when.
Heimdall Proxy provided granular auditing (who, what when), automated authentication and authorization, and group synchronization. The implementation did not require any application or Amazon RDS changes. The transparent solution saved over 6 months of development.
Resources and links: