Securing the Cloud for Research: A Collaborative Effort

Claire Mizumoto / Andrew Greaves

Description:
This session looks at an active project at UC San Diego that has developed into:

  • A collaborative project between central campus UC San Diego Research IT Services and UC San Diego Health
  • A secure environment framework for research in the cloud that is reusable and can be applied at other institutions, given organizational decisions and security tooling

UC San Diego is actively developing a protected data environment in the cloud. This effort is ongoing and includes investigation and development of the NIST 800-53 Security Controls, regulatory requirements, and associated documentation required for a compliant environment. Associated with this is a pilot project with actual researchers, currently with de-identified data in the cloud, with the intent of moving protected data into the environment when available/approved. In addition, a proof of concept will investigate the feasibility and cost estimates of a proposed production cloud-hosted protected data environment service for local researchers and their collaborators. In this session, we will show a best-practice, 3-layer application stack (with the integrated security layering), data storage options, and some of the organizational decisions that would need to be made to adopt this framework.
 
Detail:
The presentation will cover:

  • Collaborative development of a secure environment framework for research in the cloud
  • Use of AWS
  • Security controls
  • Documentation

 
Impacts:
Sharing this presentation with the other UC campuses may provide a leg up to jump-start protected data cloud environments for researchers across the UC System.
 
On the San Diego campus, the aim is to provide an efficient, affordable protected data storage and compute environment, particularly for those researchers on the long tail of research whose grant and departmental/lab resources are limited. By examining a solution centrally, we open up possibilities for extended collaborations, the potential to pursue additional funding opportunities, and better compliance with and adherence to security recommendations and requirements.
 
For UC San Diego Health, the goal is to provide a service catalog of offerings that extends the capacity, extensibility and flexibility of on-prem offerings. In addition, getting security approval for trusting a cloud provider with sensitive data will provide a pathway for facilitating a wide array of clinical research avenues in the future.
 
Takeaways
This session will provide an overview of current, ongoing activities in UC San Diego Research IT Services and UC San Diego Health. Through the session, attendees will gain a clear idea of the security controls and documentation necessary to develop and run a compliant AWS environment.

Previous Knowledge

None required

Software Installation Expectation

N/A