Case Study: Machinify achieves HITRUST compliance with low-overhead access using Tailscale

Machinify gets HITRUST with low overhead using Tailscale SSH and ACLs

Machinify is a remote-first healthcare software company that provides an AI platform for insurance and claims administration. As their AWS footprint grew to between 200 and 2,000 instances, they struggled to securely and reliably manage developer access with OpenVPN, which created operational overhead, password-reset issues, and compliance headaches as they worked toward HITRUST certification.

To solve this, Machinify adopted Tailscale, using Tailscale SSH, ACLs, Okta group sync, and exit nodes to tightly control access to AWS instances and simplify auditing. Tailscale reduced VPN administration from five people to effectively zero, cut maintenance from several hours a week to nearly none, enabled rollout across the fleet in about an hour, and gave Machinify the auditability needed for HITRUST compliance.

Machinify

Gavin Ray

Principal Engineer