Royal Medical Center Achieves 35% Cost Reduction and Strengthens Cloud Security on AWS with OneData
Learn how Royal Medical Center (RMC) improved its security posture, enhanced compliance alignment, and reduced AWS cloud spend by 35% by partnering with OneData, an AWS Partner specializing in cloud transformation and optimization.
Benefits
35%
reduction in AWS cloud costs
$3,700+
monthly cost savings
security services
Continuous monitoring
100%
security monitoring coverage
PCI DSS
Improved compliance alignment
About Royal Medical Center
Royal Medical Center (RMC) is a healthcare provider focused on delivering personalized wellness and treatment programs designed to improve patient outcomes and overall quality of life. The organization leverages digital platforms to support patient engagement, streamline operations, and enhance service delivery. By combining healthcare expertise with technology-driven solutions, RMC aims to provide accessible, efficient, and high-quality care.
Overview
Royal Medical Center (RMC) is a healthcare provider focused on delivering personalized wellness and treatment programs designed to improve patient outcomes and overall quality of life. The organization’s mission is to help individuals regain energy, vitality, and confidence through tailored, patient-centered care.
As RMC continues to expand its digital healthcare services, ensuring the security and reliability of patient data becomes a critical part of delivering that mission. At OneData, this responsibility closely aligned with our approach—recognizing that enabling digital healthcare at scale requires a strong foundation in security, compliance, and performance.
As the AWS environment evolved, RMC faced challenges in maintaining consistent security governance and visibility across its infrastructure, while also managing rising cloud costs driven by inefficient resource utilization.
To address these challenges, RMC initiated a structured effort to enhance security controls, improve operational visibility, and optimize its AWS environment. To strengthen operational security monitoring and incident response capabilities, OneData also established centralized threat investigation and operational analytics workflows aligned with AWS-native security operations best practices. The implementation focused on improving incident visibility, accelerating investigation activities, and supporting coordinated response operations across the AWS environment. To support this transformation, RMC partnered with OneData, an AWS Partner with expertise in cloud security and optimization.
Overview
Royal Medical Center (RMC) is a healthcare provider focused on delivering personalized wellness and treatment programs designed to improve patient outcomes and overall quality of life. The organization’s mission is to help individuals regain energy, vitality, and confidence through tailored, patient-centered care.
As RMC continues to expand its digital healthcare services, ensuring the security and reliability of patient data becomes a critical part of delivering that mission. At OneData, this responsibility closely aligned with our approach—recognizing that enabling digital healthcare at scale requires a strong foundation in security, compliance, and performance.
As the AWS environment evolved, RMC faced challenges in maintaining consistent security governance and visibility across its infrastructure, while also managing rising cloud costs driven by inefficient resource utilization.
To address these challenges, RMC initiated a structured effort to enhance security controls, improve operational visibility, and optimize its AWS environment. To strengthen operational security monitoring and incident response capabilities, OneData also established centralized threat investigation and operational analytics workflows aligned with AWS-native security operations best practices. The implementation focused on improving incident visibility, accelerating investigation activities, and supporting coordinated response operations across the AWS environment. To support this transformation, RMC partnered with OneData, an AWS Partner with expertise in cloud security and optimization.
Opportunity | Containing Security Risks and Improving Cloud Efficiency
As RMC’s AWS environment evolved, the organization faced a combination of critical security vulnerabilities and operational inefficiencies that impacted both compliance and performance.
Security gaps included misconfigured Amazon S3 buckets that had a potential risk of exposing sensitive data, lack of multi-factor authentication (MFA) enforcement on IAM users, and long-lived credentials that increased the risk of unauthorized access. Several services were publicly exposed, expanding the attack surface.
Unpatched Windows servers vulnerable to known CVEs, hard-coded secrets within applications, and legacy workloads further increased risk. Additionally, logging gaps across non-primary AWS regions limited visibility into system activity, making it difficult to detect and respond to threats effectively.
From a compliance perspective, these issues resulted in violations of PCI DSS requirements and increased the risk of penalties and operational disruption.
At the same time, inefficient infrastructure including underutilized resources, unused services, and limited cost visibility was driving a significant increase in cloud spending.
RMC required a comprehensive approach to:
Contain and investigate the security incident
Preserve forensic evidence for compliance review
Remediate vulnerabilities across infrastructure
Strengthen monitoring and detection capabilities
Optimize cloud costs and improve governance
Solution | Implementing Incident Response, Security Hardening, and Cost Optimization on AWS
RMC partnered with OneData to execute a structured transformation of its AWS environment, focusing on incident containment, security remediation, compliance alignment, and cost optimization.
OneData rapidly isolated compromised resources using AWS-native tools, including automated containment workflows. Exposed services such as FTP and Redis were immediately secured, and forensic data was preserved using AWS CloudTrail with log validation and Amazon S3 Object Lock, ensuring integrity for PCI forensic investigation.
Security analysis was conducted using Amazon GuardDuty, AWS Security Hub, AWS Config, CloudTrail Lake, VPC Flow Logs, and application load balancer logs, providing deep visibility into the incident and enabling root cause identification.
Amazon Detective was utilized to support behavioral analysis, threat correlation, API activity investigation, and operational root cause analysis during incident response activities. Centralized investigation workflows improved visibility into suspicious IAM activity, infrastructure behavior, and security-related operational events.
Critical vulnerabilities were addressed by applying Windows security patches aligned with PCI requirements and upgrading infrastructure where necessary to improve performance and resilience. Endpoint protection was enhanced using advanced threat detection tools, and application-layer hardening was initiated to reduce exposure.
IAM policies were restructured to enforce multi-factor authentication (MFA), rotate credentials, and eliminate hard-coded secrets. Long-lived access keys were removed, and service accounts were cleaned up to reduce risk exposure. Additional controls were implemented to limit unnecessary access and improve governance.
Network-level protections were strengthened by restricting RDP access through IP allowlists, VPN, and MFA. Sensitive data stored in Amazon RDS was encrypted using AWS Key Management Service (KMS), and outbound traffic was controlled using network firewall policies.
A comprehensive monitoring framework was established using AWS-native services, including Guard Duty, AWS Config, Inspector, and Security Hub, achieving full security coverage across the environment. Logging was expanded and centralized, with increased retention and improved visibility across all AWS regions.
Amazon OpenSearch Service Serverless was integrated into OneData’s centralized MSSP operational environment to support security analytics, operational dashboarding, log correlation, and incident investigation workflows across monitored AWS resources. Centralized analytics workflows improved operational visibility and supported rapid investigation of high-priority security findings.
In parallel with security improvements, OneData optimized infrastructure usage by removing unused resources, rightsizing workloads, and aligning service configurations with actual demand. Cost allocation tagging and tools such as AWS Cost Explorer and CloudWatch were implemented to improve financial visibility and enable continuous optimization.
Incident response operations were aligned with AWS Security Incident Response best practices, including coordinated containment activities, forensic evidence preservation, investigation workflows, operational escalation procedures, remediation tracking, and post-incident review processes.
All changes were executed in a controlled, phased manner, ensuring zero downtime and uninterrupted healthcare operations.
Outcome | Strengthening Security Posture and Achieving Cost Efficiency
Through this comprehensive transformation, Royal Medical Center (RMC) achieved significant improvements in both security and cost efficiency.
Key Outcomes
4 hours
Security incident contained in under 4 hours
Zero
public S3 exposure after remediation
100%
security monitoring coverage (GuardDuty, AWS Config, Security Hub, Inspector)
Zero
All critical ports secured— scan attempts reduced to zero
PCI DSS
compliance posture significantly improved
$250K–$500K
in potential compliance penalties avoided
Cost & Operational Impact
35%
reduction in overall cloud costs
$3,700+
monthly savings achieved
30–40%
savings compared to third-party security tools
25%
reduction in operational overhead
With a secure, optimized, and well-governed AWS environment in place, RMC is now better positioned to protect sensitive patient data, maintain compliance, and scale its healthcare services with confidence.
Build a more secure and cost-efficient
AWS environment
Partner with OneData to optimize your cloud infrastructure, reduce costs, and
strengthen security—without compromising performance.
