ARIA S.p.A. Secures Healthcare Data for 10M Citizens
The impact of a ransomware attack from a human standpoint would be devastating. It could force facilities to shut down and deprive someone of access to critical, life-saving services. Our partnership with Rubrik has empowered us to protect the sensitive data of 10 million citizens and 32 healthcare institutions, ensuring we are resilient in the face of cyberthreats.
Roberto Nocera
Director of IT Infrastructure & Cloud Transformation Officer, ARIA![]()
CHALLENGES
As the central IT hub for the healthcare system of the Lombardy Region—Italy’s most populous area—ARIA’s mission is to manage and protect highly sensitive patient data for over 40 healthcare institutions. Recognizing the increasing threat landscape in healthcare, ARIA needed to move beyond a fragmented and reactive legacy setup and adopt a modern cyber resilience strategy.
ARIA was facing significant risks from:
With the security of 10 million citizens’ sensitive health data at stake, ARIA required a comprehensive, unified platform to ensure unwavering operational continuity and regulatory compliance.
OUTCOMES
Partnering with Rubrik helped ARIA achieve:
Critical Health Infrastructure and Patient Lives at Risk from Ransomware
For a critical public sector entity like ARIA, downtime is not an option; a cyber incident could halt essential clinical services, directly jeopardizing patient well-being. ARIA faced unacceptable risk because its reliance on a fragmented, complex mix of five legacy backup tools (including Veeam, EMC, Veritas, Commvault, and Acronis) lacked the immutability and centralized control needed to withstand modern threats. As Roberto Nocera, Director of IT Infrastructure & Cloud Transformation Officer, noted, “Our reliance on multiple legacy solutions meant we were flying blind to compliance gaps and couldn’t guarantee a clean recovery point. When patient lives are on the line, that uncertainty is an unacceptable risk.” Without a comprehensive solution, a successful ransomware event could:
TRANSFORMATION WITH RUBRIK
A Proactive Partnership for Unwavering Cyber Resilience
To transform its cybersecurity posture and support its ambitious cloud-first strategy, ARIA partnered with Rubrik to unify data protection across on-prem and cloud environments. This shifted their approach from reactive defense to proactive, business-enabling resilience. This move replaced the complex, fragmented legacy stack with a single, integrated platform designed to deliver immutable backups, cloud-native protection, and a clear “golden copy” recovery path.
By consolidating legacy tools into one modern platform, ARIA immediately achieved a 5:1 tool consolidation ratio, dramatically simplifying data security and realizing significant cost savings. The implementation of Rubrik Cloud Vault was key, establishing a logically air-gapped, immutable cyber vault.
Rubrik Cloud Vault provides us with an air-gapped, immutable copy of our data, creating a ‘golden copy’ that can’t be compromised. This not only gives us peace of mind but also allows us to move forward with our digital transformation initiatives with confidence.
Roberto Nocera
Director of IT Infrastructure & Cloud Transformation Officer, ARIA![]()
To ensure maximum operational confidence, the partnership included an on-site resident and dedicated customer support, providing peace of mind and assuring stakeholders that critical health data is protected to the highest standards of security.
With Rubrik serving as the backbone of its data security strategy, ARIA established a robust security posture that aligns with NIST frameworks, allowing it to pass its audit with zero remediation. As the first Italian public administration to adopt such a comprehensive solution, ARIA set a powerful precedent for healthcare data security, ensuring the well-being of its 10 million citizens and the continuity of life-saving medical care