Revolutionising Stroke Care with AI
Nicolab is a health-tech company committed to streamlining the diagnosis and treatment of stroke. Founded in 2015 as a spin-off from Amsterdam University Medical Centers, Nicolab was born out of the landmark MR CLEAN study, a testament to their research-driven focus.
Nicolab works with hospitals and healthcare institutions worldwide to implement their cutting-edge stroke technology. Their solutions provide physicians with powerful AI-powered tools and a collaborative platform to enhance stroke care. They are designed to bridge gaps in care, optimise regional collaboration, and ultimately improve patient outcomes after a stroke.
Nicolab’s Challenge
Nicolab faced challenges due to limited Google Workspace knowledge. User setup needed to be faster, security needed to be more consistent, and unclear admin roles added to the confusion. This made their system hard to manage and exposed them to risks. By implementing clear guidelines and best practices, Nicolab uses the full potential of Google Workspace.
The Goal and Solution
A security assessment was conducted and identified key areas for improvement. These were prioritised, and targeted solutions were designed. After approval, the solutions were rigorously tested in a new OU structure. Fully implemented, these changes provide users with a significantly more secure environment.
Identify Vulnerabilities and Misconfigurations
A thorough security assessment checked the client’s Google Workspace settings for any configurations that might leave them vulnerable. This includes password policies, sharing settings, user permissions, and more.
Compliance Alignment
For various industries, there are specific regulations concerning data security and privacy (HIPAA, GDPR, etc.). An overall assessment helps clients ensure that security settings comply with relevant standards.
Proactive Risk Mitigation
By pinpointing weaknesses and misconfigurations in advance, an assessment lets you take proactive steps to harden your Google Workspace environment; this prevents costly data breaches and security incidents.
- Admin roles: Setting Admin roles with the right Workspace licence and rights
- Password Management: Setting the Password expiration dates, reusing passwords and applying 2FA for users.
- Setting API permissions: determine what data can be accessed by other applications.
- Mail security: Changing forwarding settings & setting up DMARC.
- Document sharing: analysing and changing sharing rules, setting data classification rules.
Visibility and Recommendations
After providing this good security assessment, our experts outlined a clear report regarding potential vulnerabilities and actionable recommendations for strengthening Nicolab’s security posture. Furthermore, communications were prepared for end users to understand and implement this new approach.
The Methodology
The project began with a comprehensive security assessment as part of the CSS track. They are creating an overview of potential vulnerabilities and optimisation areas within Nicolab’s current Google Workspace security settings. The assessment aligned their expectations with Google’s recommended best practices. The existing and proposed settings are carefully documented for full transparency. Where applicable, the Admin SDK API is leveraged via Apps Script to streamline information gathering and automate the implementation of new security configurations.
Why Conduct a Google Workspace Security Assessment?
- Find weaknesses: A security assessment uncovers misconfigurations and vulnerabilities that expose your data.
- Meet compliance standards: Ensure your Google Workspace settings align with industry regulations like HIPAA and GDPR to avoid hefty fines.
- Prevent costly breaches: Proactively address security gaps to protect your organisation from damaging cyberattacks.
- Get actionable guidance: Receive a detailed report with clear steps to improve security posture and protect sensitive data.
The Result
A streamlined Organizational Unit (OU) structure was implemented focused on robust security. This allows Nicolab to easily migrate users in groups or individually to the OUs that match their needs. Security rings were integrated based on the company’s account classification, ensuring a simple and logical organisation for new accounts.
How Security Rings Work
Think of the security rings like layers of an onion. As accounts move inward from the outer layer (ROOT) towards the centre:
- Password Requirements Increase: Basic passwords suffice at outer layers, complex ones are needed for inner rings.
- Functionality Increases: Access expands as accounts move inward.
- Restrictions Decrease: Users have greater flexibility and fewer limits the closer they are to the core.
The Benefit
New accounts start with minimal access and basic security. As needs evolve, they gain greater functionality and stricter password rules and more freedom within their roles.
Find out how to improve your security