Brent Richter is the Enterprise Director of Partners HealthCare’s Enterprise Research Infrastructure & Services (ERIS), which provides IT services to researchers at Massachusetts General Hospital, Brigham and Women’s Hospital and other world-renowned medical research facilities.
Recently, Brent shared his perspective.
What were the challenges your team was facing that led you to work with us at ClearSky?
My group at Partners supports research teams through services such as high performance computing and data storage. Healthcare and the health sciences are highly data-driven industries, with stringent requirements that entail specific security and privacy controls. And it’s not just HIPAA. Each organization that sponsors research expects regimented testing, auditing and reporting, and the regulations governing the storage, security and protection of data are becoming increasingly complex and rigorous. It was extremely time-consuming for our team.
What’s more, the amount of data we’re storing is growing at an exponential rate, which makes managing it all increasingly difficult. We needed a storage system that could meet the rising level of security stringency, help us automate reporting, scale as we grew and, ultimately, simplify our storage infrastructure.
How were you addressing these regulatory challenges before ClearSky?
Manually, and it was taking a lot of time to manage the backups, fill out the paperwork and conduct the audits. We could have tried to design and engineer something ourselves, but at the end of the day, we're service providers. We want our end-users to take advantage of our service without having to worry about whether it meets the requirements on this contract or another. Our end-users shouldn’t have to spend a month auditing their systems. They should be able to focus on their research.
So, how are you using ClearSky?
We started small. We didn’t put all of our data into the service, but instead added more over time. We wanted to make sure ClearSky could deliver — and it did.
ClearSky deployed a 2U appliance on-site, which it manages, and that’s their entire footprint in our data center. Hot data is cached in that appliance to provide flash performance to our end-users, and both hot and warm data are also cached in a ClearSky point of presence (PoP) that’s about 15 miles away. So, if an end-user requests data that’s not in the local cache, it can be pulled down from the PoP without any noticeable latency. All data is copied, encrypted and stored in multiple locations in the public cloud.
Backup and DR are automated as an integral part of the service to provide recovery time objectives (RTOs) and recovery point objectives (RPOs) of near zero without the need for additional storage or a secondary DR site.
Concerning security, all data is encrypted in-transit and at-rest, and only we control the keys. Plus, all data travels over private lines, so it never touches the public Internet, which helps with performance and increases security. ClearSky generates audit reports that demonstrate compliance, so we don’t have to do that ourselves anymore. Without having to manage backup, DR and compliance, ERIS team members have been able to spend more time on data projects that can make a valuable difference to Partners’ mission.
Did you integrate any of your existing apps with ClearSky?
Yes, it’s integrated into our Active Directory for shared file directory services, Splunk and antivirus infrastructures.
How have your end-users reacted?
We still have our own on-premises storage for some workloads, and, honestly, our researchers can’t tell any difference when they’re working with the data we manage ourselves and when they’re working with data in ClearSky. The cache we have on-premises is all-flash, so it’s fast, and whenever there’s a cache miss, which is rare, the service just pulls it from the nearby PoP.
You’ve talked a bit about this already, but what’s been the biggest benefit to Partners and ERIS?
The biggest benefit? Definitely knowing that we’re compliant with all the various requirements we have to meet and that our data is as secure as possible. As I said earlier, many of our departments have contracts that stipulate a high base level for security and compliance. With ClearSky, we already have that high base level in place.
But there are other benefits as well, namely that the data our researchers need is highly accessible. It’s where it needs to be when it needs to be there.
Do you have any advice for other healthcare organizations considering moving their data to a hybrid cloud service?
Sure. You don’t have to rip and replace, but can, instead, start small, beginning with backup and DR for a subset of your data, for example. As you get to know and trust the service, you can migrate additional data, as needed. I really like the on-demand nature of the service, because as data sets grow in size and number, it’s nice not being bound to the traditional storage buying cycle. If we need more capacity, we’ve got it. We don’t have to buy, deploy and maintain new boxes.
Want to learn more about how ClearSky can help your organization meet its growing compliance needs around security and data protection? Schedule a demo today!