Strengthening Healthcare Cloud Security Using Cloud Workload Protection Platforms (CWPP): A Framework for Protecting Patient-Critical Workloads in Health Data Warehouses
Authors
College of Computing and Information Science, Grand Valley State University, United States of America
Article Information
DOI: 10.47772/IJRISS.2025.91100613
Subject Category: Social science
Volume/Issue: 9/11 | Page No: 7863-7889
Publication Timeline
Submitted: 2025-11-26
Accepted: 2025-12-03
Published: 2025-12-26
Abstract
This research presents a comprehensive CWPP-enabled framework tailored for securing healthcare cloud workloads, specifically focusing on cloud-based health data warehouses (HDWs) that integrate heterogeneous clinical data sources for analytics and decision support. Drawing on contemporary literature, industry research, and real-world implementations, this paper analyzes the healthcare cloud threat landscape, evaluates CWPP architectural components, and proposes an end-to-end framework integrating runtime monitoring, microsegmentation, continuous compliance, and DevSecOps-aligned scanning. Demonstrations and system diagrams illustrate how CWPPs intervene in attack chains, reduce breach impact, and defend PHI-processing workloads. A comparative analysis of leading CWPP solutions (Prisma Cloud, Microsoft Defender for Cloud, Trend Micro Deep Security) is included to highlight operational relevance for healthcare IT environments. Findings show that CWPPs significantly enhance resilience, reduce misconfigurations, and strengthen compliance readiness in healthcare HDW ecosystems. The proposed framework can guide healthcare organizations toward establishing a workload-centric, adaptive, and regulatory-aligned security architecture suitable for modern cloud operations.
Keywords
Cloud Workload Protection Platform (CWPP); Healthcare Cloud Security