Managing security for the largest Dental Support Organization (DSO) in the United States is no easy task. And sometimes, you need a security services partner to lend a helping hand. We sat down with Heartland Dental to talk about all things security, why they chose Rapid7, how quickly they’re expanding, and why it’s time for even the strictest on-premises environments to shift services to the cloud.
Who is Heartland Dental?
As a DSO, Heartland Dental provides non-clinical administrative support services to dentists, allowing them to practice dentistry without the burden of also managing their accounting, marketing, legal, and information security, among other back-office services. Heartland Dental supports more than 1,000 dental offices throughout 38 states and is expanding rapidly.
How did we get here?
We spoke with Heartland Dental’s Senior Security Engineer Ross Petty and Director of Infrastructure and IT Josh Gilmore to learn more about their unique experience utilizing Rapid7. Ross and Josh said they enjoy managing Heartland Dental’s security because of the company’s scale and continuous growth. They are posed with unique and challenging opportunities that keep them constantly striving to provide world-class security services.
The pair said switching from on-premises to the cloud was one of their biggest challenges to date. But as cloud environments mature and new working-from-home situations are normalized in today’s environment, being open to the cloud has made a dramatic difference.
What’s their cloud security approach?
Heartland Dental has been a longtime Rapid7 customer, with a small footprint with Metasploit Pro, Nexpose, and others. As they’ve thoughtfully and purposely made the shift from on-premises management to cloud security, they’ve found it has enabled them to stay connected and collaborate more effectively. According to Josh, shifting to the cloud has allowed them to scale even faster when adopting new services, without the constant need for additional resources to accompany their traditional data center services.
Heartland Dental has a hybrid cloud setup, which means they still maintain workloads and systems on-premises and in public cloud environments. Even though the workloads are in the cloud, support and resources are necessary in the data center to successfully push data. At the end of the day, however, moving to the cloud also allows their team to regain some of the time spent supporting those services or systems. With the help of InsightVM, their go-to vulnerability risk management solution, Heartland Dental has the flexibility to address traditional compliance requirements while also leveraging modern cloud-based technologies.
The Information Security team at Heartland Dental was able to deploy the Rapid7 Insight Agent to over 1,300 workstations very quickly to ensure vulnerability data could be seamlessly collected. This is a testament to the scalability and elasticity of using a cloud strategy.
Any last words?
As other organizations may be considering making the jump to cloud strategy, Josh and Ross have a few final words of advice. They suggest finding a strong, trusted, third-party vendor that understands the cloud and security controls needed to move to the cloud. Shifting to the cloud will in fact present new challenges, and there are fundamentals required to make your deployment successful.