At Partners, cloud storage and recovery tech brings compliance, security
At Partners HealthCare, the enterprise research infrastructure and services team provides the research and clinical innovation communities in the health system’s academic medical centers and community hospitals with technology and platforms.
Healthcare is heavily data-driven, and health researchers do their work having come to expect that the storage is secure while data stays accessible.
“In recent years, federal regulations, state laws and requirements from collaborating and contracting institutions have made compliance, auditing and security increasingly more complex and cumbersome to report on,” said Brent Richter, enterprise director of enterprise research infrastructure and services at Partners HealthCare. “In addition, the amount of data under management continues to grow exponentially. We needed a storage system that could meet the higher level of security stringency when those regulations and contractual obligations came into play.”
Partners HealthCare began working with ClearSky Data, a managed cloud storage, backup and disaster recovery technology vendor. Together they were building a storage system codenamed internally as CloudVault, which would provide protected data storage as an on-demand, fully managed service from ClearSky.
“By doing so, this would allow enterprise research infrastructure and services to continue to focus on consulting for our communities with our computing and data science platforms and solutions,” Richter said. “Enterprise research infrastructure and services needed only to manage a single, durable copy of its data, stored in the ClearSky cloud.”
ClearSky offered automated security and privacy controls, automatically performed data protection and disaster recovery, and provided high performance for network-mounted file data.
Here’s how the service works. Partners end users see a network share on their Mac, Windows PC or Linux desktop. ClearSky caches the files on an appliance parked in Partners’ corporate data centers within the Partners network — the hot data that will likely be used within a week or so. This data is at the edge of the ClearSky architecture and guarantees flash performance for those files.
Both hot and warm data is moved between and also cached in a ClearSky point of presence less than 15 miles from the data center, and all data is copied, encrypted and stored in multiple locations in the public cloud. If data is requested that isn’t cached locally, the service retrieves it from the ClearSky point of presence without a noticeable increase in latency.
“As a result, the service has minimized the infrastructure required for primary and secondary storage, and it provides automated and instant backup and availability for disaster recovery without the need to duplicate that infrastructure for replication,” Richter explained.
Partners HealthCare researchers get the privacy, protection and security they need, but now the organization also has a more flexible, agile and regulatory-compliant data storage infrastructure, with very good performance, he added.
“The enterprise research infrastructure and services group relies on ClearSky to protect, secure, store and provide access to our data,” he said. “ClearSky deployed a 2U appliance on-site, which it manages, and that’s the full extent of their data center footprint. Once data was uploaded to the service, we gained the benefits of full protection.”
This enabled enterprise research infrastructure and services team members to focus on data projects that could make a valuable difference to Partners’ mission, instead of trying to solve storage performance issues, he said.
Many vendors on the market offer all or a combination of managed cloud storage, backup and disaster recovery technologies. They include Acronis, AT&T, Barracuda, Commvault, IBM, KeepItSafe, NovaStor, Quorum, SolarWinds, Synoptek and Unitrends.
MEETING THE CHALLENGE
Partners HealthCare has several clinical and research departments within its hospitals that have federal and/or industry projects that now are carrying stringent security requirements with specific security and privacy controls. They require regimented testing, auditing and reporting.
“With the use of ClearSky’s solution, my group no longer maintains the burden of direct management of these needs on current storage,” Richter said. “Our information security and privacy officers are quite happy with the technical security controls. We are currently migrating data to this storage for these groups.”
The new data technology is integrated into Partners’ active directory for shared file directory services, Splunk and antivirus infrastructures.
“As a fully managed service, ClearSky takes care of data protection, availability, patching and disaster recovery,” Richter explained. “It happens automatically, and recovery is nearly instantaneous. All data is encrypted, both in-transit and at-rest, so it’s secure. We control the keys. Not even ClearSky has access to our data.”
Latency isn’t an issue, he added. Partners still has its own on-premises storage for some workloads, and researchers can’t tell any difference when they’re working with the data Partners manages or when they’re working with data in ClearSky, he said.
“The cache we have on-premises is all flash, so it’s fast, and whenever there’s a cache miss, which is rare, the service just pulls it from the nearby point of presence,” he said.
The biggest benefit of the new technology for Partners is knowing that the organization is compliant with all the various requirements it has to meet and that its data is as secure as possible, Richter stated.
“We operate as a service provider ourselves, so our internal customers no longer spend a month auditing their own systems to comply with an external auditor,” he said. “Many of our departments have contracts that stipulate a high base level for security and compliance, and we already have that base in place with ClearSky.”
Best of all, the data researchers need is highly accessible, Richter said.
“It’s where it needs to be at the right time, which eases the process of accessing and using the data,” he explained. “Our teams cannot detect differences in system performance while accessing data that we manage ourselves versus the data managed by ClearSky, which is a huge benefit. And we now meet or exceed security compliance for industry, federal and state data security and privacy requirements, which was our primary goal.”
ADVICE FOR OTHERS
“You don’t have to go all in with a storage service as you would with an on-premises infrastructure or some other services,” Richter advised. “I don’t know many people in my position who would give a service all their data right at the start. File data storage services are rather commodity these days and a utility cost model is very popular in the industry.”
One could very easily begin with backup and disaster recovery for a subset of data, he added. As one gets to know the service and understand its strengths and weaknesses, one can migrate additional data, as needed, he said.
“I really like the on-demand nature of the service, because as data sets grow in size and number, it’s nice not being bound to the traditional three-to-five-year storage buying cycle,” he said. “If we need more capacity, we just keep the data flowing. No need to buy and deploy new boxes.”