HOW CoverMyMeds Increased Asset Visibility with AXONIUS.
CoverMyMeds, part of McKesson Corporation, solves medication access challenges for patients throughout every step of their journey and accelerates innovative solutions for complex problems in healthcare like medication access, affordability, and adherence.
- 1,000 to 5,000
- Gaining asset visibility in an increasingly complex ecosystem
- Finding an asset management solution that ingests data from multiple sources and provides context
- Simplifying and automating vulnerability management processes
- Audit preparation and security framework/regulatory compliance (NIST, HIPAA)
- Identifying unmanaged devices
Axonius Cybersecurity Asset Management
CoverMyMeds gained visibility into assets and increased efficiency by using Axonius as its primary tool for asset management.
SEEKING A CENTRALIZED SOURCE OF VISIBILITY
CoverMyMeds, a healthcare software company headquartered in Columbus, Ohio, helps people get the medicine they need to live healthier lives. As a company with a mission of accelerating innovative solutions for problems like medication access, affordability, and adherence – keeping its regulatory environment compliant is the top concern for the CoverMyMeds security team.
“Axonius is our primary tool for asset management, so it’s pretty important. It’s also the backbone to our vulnerability management processes, which are super important when you think about our role within healthcare – protecting patients and advocating for their needs.”
— Jay Bobo, Senior Manager of Product Security
Adhering to frameworks like HIPAA and NIST is imperative to CoverMyMeds’ operations, especially since the company regularly coordinates with government regulators and auditors. CoverMyMeds needed a solution that would increase visibility and improve efficiency, helping the team meet audit requirements more easily.
With CoverMyMeds’ strong software engineering culture, security staff wanted to ensure that the right solution would fit into their environment, connect to other data sources, and meet patient, client, and internal requirements without adding unnecessary tools. So they started looking for a modern and customizable asset management platform that matched the maturity of their cybersecurity program.
FINDING THE RIGHT TOOL FOR THE JOB
When it came to determining how many devices were on the network and locating and securing ones that were unmanaged, teams across CoverMyMeds faced challenges. The organization needed a solution that not only gave total and complete asset visibility, but also needed something that would connect to the data sources CoverMyMeds already used with minimal friction. That’s why they chose Axonius.
And Jay Bobo, Senior Manager of Product Security at CoverMyMeds, can see the difference. Axonius gives his team a better understanding of what they had, along with the ability to send data across the organization to be used for reporting, analysis, and decision-making. For a company as large as CoverMyMeds, it’s incredibly important to have a tool that gives users across the business a full view of all assets and the ability to understand and reduce risk, automate action, ensure security controls coverage, reduce response time, and reduce manual work. But that’s just the beginning of how CoverMyMeds leveraged Axonius.
USING THE AXONIUS API TO BUILD A BESPOKE VULNERABILITY MANAGEMENT SOLUTION
Vulnerability management (VM) is a key part of CoverMyMeds’ cybersecurity strategy – but correlating VM data from multiple sources requires a great deal of manual and time-intensive work. With so much data coming in from different places across the business, the CoverMyMeds security team required a more bespoke approach. And because API integrations help organizations optimize costs and rationalize tools while still using their tools exactly how they need to, that’s the direction the team took.
“We knew we were going to build out the right tool ourselves. But we wouldn’t be able to address our needs without easily getting at the data. And we’re able to do that through Axonius.”
— Jay Bobo, Senior Manager of Product Security
Leveraging the Axonius API, CoverMyMeds developed an internal tool called Looking Glass that automatically takes in VM data from different sources and connectors and then scrapes it for relevant fields and values that can be used to automate next steps, like properly identifying asset ownership and team responsibilities or coordinating tasks.
And this tool primarily depends on the context and insights Axonius provides. This allows developers to view data in real time, so product owners have more visibility for what matters to them and can easily track compliance.
GAINING CONTEXT WITH AXONIUS
The CoverMyMeds team found themselves asking: “How can we keep engineers engineering rather than stuck in meetings and working in spreadsheets?” Axonius has helped deliver that. By allowing engineers to easily identify and aggregate assets in one place – along with endless information from other sources – Axonius has helped keep CoverMyMeds developers happy and enables them to send relevant data elsewhere to satisfy the needs of other stakeholders across the business.
Using the Axonius API allows the CoverMyMeds security team to fit into sandbox environments without a ton of extra work – allowing the team to figure out what works best for their needs. Multiplied by a greater sense of asset ownership, this also leads to more timely remediation made possible by increased visibility. The CoverMyMeds security team can now deliver data-backed insights to leaders on what’s working, what could be improved, and real-time information on vulnerabilities and assets that adds immense value.
Building strong relationships with the Axonius team has helped CoverMyMeds get even more out of the product. In Jay Bobo’s experience, “The team has been open to constructive criticism and feedback, which speaks to the culture of the leadership team.”
“This is the partnership that you want. They don’t just show up when it’s time for a renewal – this is a long-lasting relationship.”
— Jay Bobo, Senior Manager of Product Security
CoverMyMeds helps people get the medicine they need to live healthier lives – and Axonius helps CoverMyMeds get the visibility they need to efficiently manage assets, maintain compliance, and control complexity so teams can continue to advocate for patient needs.
See the Platform
See the Axonius Platform for yourself with an interactive product tour, where we'll guide you through key applications of our Cybersecurity Asset Management and SaaS Management solutions.
Book a Demo
Request a demo to learn how the Axonius Platform provides a system of record for all digital infrastructure helping IT and security teams manage an always-expanding sprawl of devices, users, software, SaaS applications, cloud services, and the tools used to manage and secure them.