GenomeNext Puts Data Security Under a MicroscopeBy Samuel Greengard | Posted 2015-08-21 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
The genomic analysis firm protects sensitive data with intrusion detection and vulnerability scanning and uses log management to help track and monitor behavior.
Over the last quarter century, genome research has introduced major advances in medicine and therapies, particularly for conditions such as congenital heart disease, autism spectrum disorders, muscular dystrophies and cancer. At the center of everything: ever-growing volumes of extremely complex data.
"We take raw and non-readable data files from the sequencing process and convert them to files that serve as an index for all the variants related to a genetic disorder," explains James Hirmas, CEO of genomic analysis firm GenomeNext. "All of this genome data produces a file for one patient that sometimes reaches 85 to 100 gigabytes."
Ensuring that high-speed computational algorithms operate without bottlenecks and interruptions is critical. Consequently, the company relies on Amazon Web Services (AWS) to provide a highly agile and flexible cloud infrastructure to support global compute, storage, database, analytics and other tasks.
However, securing and protecting the data is paramount. As a result, the firm turned to cloud security vendor Alert Logic to add protection through a Security-as-a-Service approach. "We have a need for manageable, real-time analysis for files as large as a terabyte, along with security and compliance requirements," Hirmas says.
The Alert Logic tool, which operates natively within the AWS platform, manages intrusion detection and vulnerability scanning without the addition of hardware. GenomeNext uses the technology for a scalable Web application firewall that works with both public-facing applications and the firm's intranet. The solution also offers ongoing log management, which aids in tracking and monitoring behavior.
"Amazon provides a basic level of security, but it essentially applies to the infrastructure layer," Hirmas notes. The additional security provided by the Alert Logic system is achieved through APIs that continually examine Amazon logs and detect when the environment changes or an update takes place.
Using Security Analysts and Ethical Hackers
GenomeNext went live with the deployment in January, after conducting alpha and beta testing late last year. The idea of using security analysts and ethical hackers to keep an eye on the data environment was appealing.
"We do not have the resources internally to monitor and examine logs, watch over Web application firewalls and handle threat management on a 24x7 basis," Hirmas points out. "We want to focus our time and financial resources on research, discovery and scientific achievement."
Finally, GenomeNext is able to stay current with information technology by outsourcing security and compliance reporting tasks. This includes sensitive data that falls under the Health Insurance Portability and Accountability Act (HIPAA).
Hirmas says that the cloud environment provides a solid foundation for the future, including managing new clients and increasingly large data processing requirements that extend into terabytes.
"One of the appealing aspects of the technology—including Amazon SW3 Objects Storage—is an ability to decouple components of AWS into solutions," he says. Among other things, this allows GenomeNow to set up flexible portals in a fast and highly cost-effective manner.
"We can move a 100 gigabyte file through S3 in about 10 minutes," Hirmas adds. "We are now able to move data to the cloud and optimize it in a way that wasn't possible in the past."