Meanwhile, increased regulatory demands and patient traffic due to the pandemic underscore the value of IaC to help improve database management.
A recent study from Redgate Software that examined adoption of DevOps in the healthcare sector revealed that increased speed and improved efficiency are among the top reasons healthcare organizations adopt DevOps practices.
How Infrastructure as Code Drives Efficiency and Security in Healthcare
IaC provides fast, fine-grained control of resources to spin up and down IT infrastructure, so it can help support demand and capacity management. And because requirements of resources are already codified, IaC can play a key role in incident response and disaster recovery.
Unlike traditional development infrastructure patterns, which can feature stale data sets and configurations that don’t match production, IaC allows healthcare organizations to develop applications and code more securely and operate more consistently across different environments, saving time and reducing risk.
“For healthcare, inconsistent deployment and human variability can have a huge impact on security and compliance of the application, and IaC helps provide consistency,” Greenfield says.
According to the Redgate study, risk reduction is one of the primary motivations to automate database delivery, while more than a quarter (27 percent) want to implement IaC practices to free up cost-intensive developer time, making it the top driver for the healthcare vertical.
“At its simplest, it’s a potentially rapid way of altering your infrastructure using automation to meet the needs of new ways of working for a healthcare organization,” says Dr. Saif Abed, a London-based cybersecurity expert.
By codifying and automating management of infrastructure, he adds, organizations can create audit trails of version control to inspect the underlying code, which is critical to security.
“They also have a set of instructions that can accelerate disaster recovery of infrastructure should the worst happen and your infrastructure is compromised due to a cyberattack,” Abed says.
Indeed, the Redgate study found more than half (58 percent) of respondents have version control measures for database code in place that enable automated builds and deployments.
“However, as with anything, it isn’t perfect, and IaC can have its own vulnerabilities that are exploitable by attackers,” Abed says. “It is not a security silver bullet.”
Supporting Remote Work Teams with IaC Solutions
Healthcare can use IaC as a mechanism to support needs caused by bursts of patients while keeping personal identifying information protected.
IaC is also a highly effective way for teams to scale elastic environments consistently across a distributed workforce.
Remote teams, then, may make a change to the source of an issue rather than each individual endpoint. That’s an advantage when an employee can’t simply walk down the hall to help a colleague fix an issue with his or her device.
One example is configuration drift, which happens when changes are made to existing infrastructure without updating the code to match. This can create significant security issues and long-term compliance challenges; even a small divergence can create big problems down the line.
“In a perfect world, all infrastructure changes are done in the code, so this wouldn’t be a problem,” Frank says.