CASE STUDY: MediSecure
Overview: Telehealth provider, 1500 employees, $300M revenue. Core app on AWS, 3 acquired clinics on VMware, fragmented EHRs, Active Directory.
Business Req: Unify patient records, integrate clinics in 90 days, launch patient portal.
Execs: CEO wants rapid integration; CFO wants to shift from CapEx to OpEx; CISO demands strict HIPAA/GDPR compliance.
Tech Req: End-to-end PHI encryption, comprehensive audit logging, hybrid connectivity to clinics, DR (RPO 5m, RTO 1h).
Constraints: Clinics have low bandwidth, high staff turnover requires automated IAM, legacy EHRs cannot be modified immediately.
QUESTION:
To meet the 90-day integration timeline and address the low bandwidth at the clinics, how should you establish hybrid connectivity to GCP?
GCP PCA · Question 19 · Security Design
QUESTION:
How should you address the constraint of high staff turnover and the need for automated IAM provisioning?
Answer options:
Create local IAM users in GCP manually when a new employee joins.
Federate Google Cloud Identity with the existing on-premises Active Directory using Google Cloud Directory Sync (GCDS).
Use Workload Identity to map Kubernetes service accounts to IAM roles.
Implement Identity-Aware Proxy (IAP) to bypass IAM authentication.