Breaking Through the Cloud: A LABORATORY GUIDE TO CLOUD COMPUTING

Similar documents
Data Storage, Recovery and Backup Checklists for Public Health Laboratories

COMPTIA CLO-001 EXAM QUESTIONS & ANSWERS

Cloud Computing Briefing Presentation. DANU

Cloud Computing: Making the Right Choice for Your Organization

10 Cloud Myths Demystified

10 Considerations for a Cloud Procurement. March 2017

Best Practices in Securing a Multicloud World

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

CLOUD COMPUTING PRIMER

Why the cloud matters?

CLOUD COMPUTING READINESS CHECKLIST

10 Cloud Myths Demystified

Cloud Computing An IT Paradigm Changer

Security and Privacy Governance Program Guidelines

Getting Hybrid IT Right. A Softchoice Guide to Hybrid Cloud Adoption

A Ready Business rises above infrastructure limitations. Vodacom Power to you

FROM TACTIC TO STRATEGY:

Accelerate Your Cloud Journey

Cloud Computing: The Next Wave. Matt Jonson Connected Architectures Lead Cisco Systems US and Canada Partner Organization

Cloud Computing and Service-Oriented Architectures

Threat and Vulnerability Assessment Tool

Data Inventory and Classification, Physical Devices and Systems ID.AM-1, Software Platforms and Applications ID.AM-2 Inventory

Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education

AWS SECURITY AND COMPLIANCE QUICK REFERENCE GUIDE

Capgemini Dynamic Services

Internet of Things Toolkit for Small and Medium Businesses

Clouds in the Forecast. Factors to Consider for In-House vs. Cloud-Based Systems and Services

PCI DSS Compliance and the Cloud

Accelerate Your Enterprise Private Cloud Initiative

Cloud Computing Introduction & Offerings from IBM

AWS SECURITY AND COMPLIANCE QUICK REFERENCE GUIDE

Crises Control Cloud Security Principles. Transputec provides ICT Services and Solutions to leading organisations around the globe.

Cloud Services. Infrastructure-as-a-Service

WHITE PAPER. Applying Software-Defined Security to the Branch Office

Shaping the Cloud for the Healthcare Industry

Benefits of Extending your Datacenters with Amazon Web Services

APCO s Vision for NG Jay English, Chief Technology Officer Jeff Cohen, Chief Counsel & Director of Government Relations

SIEMLESS THREAT DETECTION FOR AWS

How Managed Service Providers Can Meet Market Growth with Maximum Uptime

Cloud-based data backup: a buyer s guide

Cloud Computing Overview. The Business and Technology Impact. October 2013

How to Write an MSSP RFP. White Paper

Bringing OpenStack to the Enterprise. An enterprise-class solution ensures you get the required performance, reliability, and security

Security Models for Cloud

Journey to the Cloud At Derby City Council. Nick O Reilly Director of Digital Services

EXAM - CL CompTIA Cloud Essentials Exam. Buy Full Product.

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS.

Cloud First Policy General Directorate of Governance and Operations Version April 2017

Corporate Security & Emergency Management Summary of Submitted 2015 Budget From Rates

HARNESSING THE HYBRID CLOUD TO DRIVE GREATER BUSINESS AGILITY

Data Security: Public Contracts and the Cloud

2013 AWS Worldwide Public Sector Summit Washington, D.C.

INFS 214: Introduction to Computing

Cloud Computing. Presentation to AGA April 20, Mike Teller Steve Wilson

Cloud Computing and Cloud Networking

CLOUD COMPUTING-ISSUES AND CHALLENGES

Infrastructure to the Cloud. May 23, 2017

Security Policies and Procedures Principles and Practices

Cyber Security Program

Mitigating Risks with Cloud Computing Dan Reis

NEN The Education Network

Introduction to Cloud Computing

ERP Solution to the Cloud

Future of the Data Center

QUIACLE TECHNOLOGY SOLUTIONS, INC. CLOUD SERVICES MANAGED SECURITY SERVICES

Programowanie w chmurze na platformie Java EE Wykład 1 - dr inż. Piotr Zając

Cloud Computing Context. Image: T. Sridhar

ASD CERTIFICATION REPORT

AUTHORIZATION TO ENTER INTO A CONTRACT WITH SOFTWAREONE, INC. FOR LICENSING OF MICROSOFT SOFTWARE

Strong Security Elements for IoT Manufacturing

WHITE PAPER. Title. Managed Services for SAS Technology

Closing the Hybrid Cloud Security Gap with Cavirin

New Zealand Government IBM Infrastructure as a Service

A Survival Guide to Continuity of Operations. David B. Little Senior Principal Product Specialist

Vision of the Software Defined Data Center (SDDC)

ORA HIPAA Security. All Affiliate Research Policy Subject: HIPAA Security File Under: For Researchers

DATA SHEET AlienVault USM Anywhere Powerful Threat Detection and Incident Response for All Your Critical Infrastructure

Securing the Cloud Today: How do we get there?

How unified backup and cloud enable your digital transformation success

CLOUD COMPUTING WHAT HEALTH CARE INTERNAL AUDITORS NEED TO KNOW GABRIELA MERINO DIRECTOR BUSINESS ADVISORY SERVICES

Title: Planning AWS Platform Security Assessment?

Swedish bank overcomes regulatory hurdles and embraces the cloud to foster innovation

Securing the User: Winning Hearts & Minds to Drive Secure Behavior

Data center interconnect for the enterprise hybrid cloud

Introduction to AWS GoldBase

Securing Your Cloud Introduction Presentation

Choosing the Right Cloud Computing Model for Data Center Management

An introductory look. cloud computing in education

IT Enterprise Services. Capita Private Cloud. Cloud potential unleashed

Dell helps you simplify IT

Cloud Security: Constant Innovation

IT Consulting and Implementation Services

Cloud Computing An IT Paradigm Changer

Deploying to the Cloud: A Case study on the Development of EHNAC s Cloud Enabled Accreditation Program (CEAP)

Cloud solution consultant

Security and Compliance

6/5/ Michael Hojnicki Chief of Technology and Administrative Services

CORPORATE PERFORMANCE IMPROVEMENT DOES CLOUD MEAN THE PRIVATE DATA CENTER IS DEAD?

PROTECT YOUR DATA FROM MALWARE AND ENSURE BUSINESS CONTINUITY ON THE CLOUD WITH NAVLINK MANAGED AMAZON WEB SERVICES MANAGED AWS

Google Cloud & the General Data Protection Regulation (GDPR)

Transcription:

Breaking Through the Cloud: A LABORATORY GUIDE TO CLOUD COMPUTING

Seeing these IT issues/challenges in your laboratory? Balancing the cost of purchasing, housing, implementing and maintaining servers with other laboratory costs. Processing huge amounts of data requires higher orders of computing ability, expertise to implement intricate software to translate complex mathematical models into functional algorithms and vast amounts of secure, high-speed storage. The potential for accidental or intentional misuse of data stored on physical, in-house servers. Difficulty finding central information technology (IT) staff that can be committed to learning business processes due to IT consolidation. Competition for data exchange resources which require specialized programming and developer expertise in laboratory processes and testing is difficult and often costly. Lack of interoperability between various systems to collect and record data, including laboratory information systems management systems (LIMS), Excel or Access spreadsheets and homegrown systems, which slow information sharing within the laboratory and with external partners. Cloud computing may be able to help.

what is cloud computing? Cloud computing is a type of Internet-based computing that provides shared computer processing resources and data to computers and other devices on demand. For some companies/institutions, it offsets the need to store the data locally, potentially saving costs. You are probably already using cloud computing in your organization or in your everyday life if you use systems like Google Apps or Office 365, two of the most common cloud computing technologies on the market. Are cloud computing systems all the same? The two main cloud computing solutions, Infrastructure as a Service (IaaS) and Software as a Service (SaaS), allow an organization to focus on its core business needs, rather than investing effort in maintaining systems. While IaaS gives the most control, it requires more technical expertise to operate. Infrastructure as a Service ( IaaS) Provides virtual computer resources to build a technical environment or platform. This eliminates the need to maintain physical infrastructure and data centers. Places responsibility for auditing, encryption and other security measures primarily with the customer. Software as a Service (SaaS) Allows a business to connect to and access an application over the Internet. One example would be Microsoft Office Online, an online version of the office suite in the form of web applications. Places responsibility for security primarily with the provider. For example, under BaseSpace Clarity LIMS, the provider handles password controls, data backups, encryption and other security controls. IaaS/SaaS Cloud Service Providers The three cloud service providers (CSPs) have similar offerings, but differ in pricing structures. Select a CSP with the right tools and options to support your laboratory. Amazon Web Services (AWS) Amazon Web Services offers a number of IaaS solutions, including Elastic Cloud Compute (EC2), which provides resizable computer capacity in the cloud. Microsoft Azure The Microsoft Azure Platform is used to power SaaS solutions like Microsoft Office 365. Office 365 includes SharePoint Online, Exchange Online and Lync Online. Google Cloud Platform The Google Cloud Platform powers Google Compute Engine, which delivers virtual machines similar to AWS EC2. Compute Engine is one of many IaaS components of Cloud Platform. ONE OF THE BIGGEST BENEFITS of our project has been the ability to on-board the labs quickly. We saved at least 1.5 years on the entire project (for four labs) because the infrastructure is cloud-based and therefore centralized and everyone has to use the same process. Elizabeth Neuhaus, PhD Associate Director for Informatics Influenza Division, CDC

why use cloud technology? how is data kept safe? Cost Savings Scale technical capabilities based on fluctuations in demand or workload for potential cost savings. (In a situation with fluctuations in workload, cloud computing can potentially render cost savings even if the constant cost fluctuates over time based on activity. However, there are still costs associated with licensing and actual manpower needed to manage the environments with IT skills.) Minimize investment in launch infrastructure to eliminate the need for upfront capital expenses. Agility Rapidly provision resources leveraging cloud computing s elastic model. Adapt to growth and change without changes to technical hardware or assets. Control Inheritance Inherit some security control protection and compliance from existing cloud service providers Perform varying levels of management and upgrades depending on cloud computing category High Availability Maintain a presence in multiple regions of the world. Cloud computing can deliver better security services than many organizations could provide on their own. CSPs can offer advanced security and privacy facilities that leverage their scale and skills at automating infrastructure management tasks. This is a boon to customers who have few skilled security personnel. Be sure to understand a CSP s security requirements before you select a system, especially if you are responsible for protected health information (PHI). CSPs observe the following protocols to mitigate security risks: Shared vs. Dedicated Tenancy: Multiple cloud customer s machines may reside on the same server instance although systems storing public health information should have dedicated instances.* Business Associates Agreements: An agreement between the customer, provider and technical vendors must be in place when working with HIPAAeligible data. Auditing: CSPs must keep detailed activity logs and reports and continually monitor access. These reports are tracked, logged and stored in a central location for extended periods of time for auditing purposes. Activity logs should identify who accessed the data and from where and how the data may have been altered. Risk Analysis: CSPs and customers should both conduct independent assessments of potential risks and vulnerabilities to the confidentiality, integrity and availability of PHI held by the organization. *Ask your CSP how they ensure the security of public health laboratory data. CLOUD COMPUTING IS HERE. We know the benefits of engaging in the cloud but it is our responsibility to be educated on how to properly use cloud resources, how to manage costs and most importantly, how to assure the cloud environment is secure. Eduardo Gonzalez Chief Executive Officer, UberOps

how do I engage or evaluate a cloud service? Consider filling out the APHL Self-Assessment Tool. The tool allows public health laboratories to assess strengths and gaps in informatics capability by addressing 19 critical operational areas. It charts data longitudinally, enabling laboratories to measure growth and leverage results to advocate effectively for their needs. The tool also offers a suite of data visualization tools that display assessment data graphically and segmented in multiple ways. This exercise will enable an institution to understand their informatics strengths and gaps as they think about using a cloud service Engage IT staff to see if cloud computing is possible, or if there are agreements in place for specific CSPs. For example, it is important to distinguish that a LIMS product running on a cloud system is very different than a LIMS deployed on servers that are purchased and maintained by an organization. Engage security staff to see if cloud computing is possible, given current security requirements. Develop a project plan listing goals, objectives, benefits, etc. As the plan is developed, consider what would be stored in the cloud, as not everything belongs there. Consider latency issues. For example, most instrument control computing systems should not be in the cloud. However, they can be designed to share data in network storage systems and/or be integrated with cloud-based LIMS through various communication paths. Complete an alternatives analysis (a comparison of operational effectiveness, cost, and risks) on multiple cloud services. Data security should also be discussed in the context of this analysis. For more information on cloud computing, visit www.aphl.org/cloudcomputing USING THE AIMS CLOUD would definitely be a viable option for IaaS for next generation sequencing (NGS) for sentinel public health laboratories, and it has been proven effective for well over a year now. Elizabeth Neuhaus, PhD Associate Director for Informatics Influenza Division, CDC REFERENCES: Cloud Standards Customer Council. Security for Cloud Computing: Ten Steps to Ensure Success, Version 2.0. March, 2015 Available at http://www.cloud-council.org/deliverables/cscc-security-for-cloud-computing-10-steps-to-ensure-success.pdf

ASSOCIATION OF PUBLIC HEALTH LABORATORIES The Association of Public Health Laboratories (APHL) works to strengthen laboratory systems serving the public s health in the US and globally. APHL s member laboratories protect the public s health by monitoring and detecting infectious and foodborne diseases, environmental contaminants, terrorist agents, genetic disorders in newborns and other diverse health threats. This publication was 100% funded with federal funds from a federal program of $674,993. This publication was supported by Cooperative Agreement # NU60OE000103 funded by the US Centers for Disease Control and Prevention (CDC). Its contents are solely the responsibility of the authors and do not necessarily represent the official views of CDC or the Department of Health and Human Services. 8515 Georgia Avenue, Suite 700 Silver Spring, MD 20910 Phone: 240.485.2745 Fax: 240.485.2700 Web: www.aphl.org Copyright 2017, Association of Public Health Laboratories. All Rights Reserved.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback