Balanced Cloud Solutions For the Life Sciences Enterprise

Chris Gough, Intel

Lead Healthcare Cloud Computing Architect

Agenda

• Forces Shaping the Industry • Intel Cloud Vision • Intel IT Cloud Initiative • Intel Healthcare Cloud Capabilities • Summary

Building Surge of Health & Life Sciences Data

•Digitization of healthcare data •Higher resolution images, sound, video •New data types; e.g. genomics •Longer retention needs •Health information exchange, and proliferation of duplicates •Sensitive data must be protected everywhere •The data surge is challenging performance

• Usability of healthcare apps, productivity of caregivers, quality of care

Hardware Enabled Security protects surging healthcare data, with high performance

Health & Life Sciences Cloud Computing

Business Drivers Concerns

How to maximize benefits and minimize concerns? One size does not fit all

Cost Reduction: Economies of

scale, multi-tenancy

Agility: Elasticity, provisioning

Availability: Highly redundant,

geo-dispersed

Leverage External Expertise

Security & Privacy: Data

breach, IP, regulations

Data Sovereignty: Where is my

data?

Auditability & Compliance: Complicated by distributed cloud

Vendor Lock-In

Agenda

• Forces Shaping the Industry • Intel Cloud Vision • Intel IT Cloud Initiative • Intel Healthcare Cloud Capabilities • Summary

Intel Cloud 2015 Vision

Federated Share data

securely across public and private

clouds

Automated IT can focus more on innovation and

less on management

Client Aware Optimizing services based on

device capability

Workstations/ Desktops

Laptops Embedded Smart- Phones

Netbooks Tablets Smart TVs

From Vision to Action

Define and Prioritize IT

Requirements

IT & Service Providers

Take Advantage of New

Capabilities In Intel Platforms

Utilize Proven Reference Solutions

to Ease your Deployments

Products & Technologies

Intel® Cloud Builders

Helping IT on path to Cloud 2015

Agenda

• Forces Shaping the Industry • Intel Cloud Vision • Intel IT Cloud Initiative • Intel Healthcare Cloud Capabilities • Summary

Considering Cloud Deployment Today

Hybrid clouds

Cloud Brokers

Intel IT Strategy: develop private cloud while adopting selective best of breed public cloud services

Best for: • Security

• Compliance and Governance

• Interoperability

Example: Medical Records, Images …

Deployed behind firewall for an organization’s internal use

Best for: • Rapid Deployment

• Reduced Capital Expenditure

• External Vendor Expertise

Example: Training, Patient Billing …

Services via public internet, multi-tenant

“Private Clouds” “Public Clouds”

Intel’s Cloud Journey

Tomorrow

Hybrid Cloud Large

Private Cloud Limited

Public Cloud

Today

• 65% Virtualized

• 80% of New Services in the Cloud

• Under 1 Hour to Deploy Infrastructure

• Land Applications in Minutes

• Automation: Lower Cost with Less Resources

• Open Cloud for Bursting Capacity

Transformation of IT

Business Unit Control at High Cost

IT Control at Low Cost

Business

IT

Shared Control at Optimized Cost

Business & IT

IT

Business/IT

Business

IT IT

Business/IT

IT

By 2013 Hybrid Applications are the Norm IT controls data integration, security, governance and cost

Business Business

Embedded IT Business Owned

Centralized IT Cost Center/Service Provider

IT Integrator Service Broker

IT controls data integration, security, governance and cost

Agenda

• Forces Shaping the Industry • Intel Cloud Vision • Intel IT Cloud Initiative • Intel Healthcare Cloud Capabilities • Summary

Scalable, Secure, Cost Effective

• Compute: Xeon E5 processor I/O innovations

• Network: Unified network on 10GbE fabric

• Storage: Tiered storage solutions that balance responsiveness, capacity & cost

Balanced Cloud Solutions

Intel Security Focus Security & Trust Built-In

14

Recovery and Enhanced Patching

Detection & Prevention of

Malware

Securing Data and Assets

Identity Protection & Fraud

Deterrence

Robust, High Performance, Hardware Enabled Security

• Performant, eg encryption

• Robust (hardened), eg advanced

behavior / heuristics anti-malware

• Usable, eg manageable systems “just

work”, 2-factor authentication

• Cost effective

• Migrate core security logic to hardware

• Integrate separate security hardware

• Security software on general hardware

• Separate security hardware

Enabling Healthcare with More Usable and

Secure Safeguard Solutions

General Purpose

Hardware

Security Software

General Purpose

Hardware

Core Security

Logic

Core Security

Logic

Security Software

Core Security

Logic

Trend

Better

Performance,

Robustness,

Usability, Cost

Time

Separate Security

Hardware

Past

Tren

d

Fu

ture

EHR

Hardware

Software

Usable Healthcare Security Today

with Vertically Integrated Safeguards

Virtualization

Healthcare Endpoint

Out of Band

Management

Encryption

Instructions

Anti-Malware Remote

Management

Encryption /

Decryption

Encryption Anti-

Malware Secure

Management

Enable Healthcare with Usable Security, a Better User Experience, Improved Compliance, and Reduced Risk

Anti-Theft

Remote Lock

and Wipe

Anti-Theft

Identity

Protection

Identity Protection

2-Factor

Login

Advanced Encryption Standard New Instructions (AES-NI)

Internet Intranet

2. Encrypted communication on Internet and Intranet

1. Full-disk encryption for hard disks

3. Application-level encryption

Name: J.Doe

SS#

4. Encryption for files on portable media

• AES: dominant block cipher, standard: NIST FIPS 197

• AES-NI:

• Versatile

• 6 new HW instructions

• HW acceleration: 3+ times

• More secure than only software

• Supports all standard usage modes of AES

• Available in 2010+ Intel Core and Xeon processors

AES-NI protects confidentiality at rest, in transit, and is versatile with a variety of different use cases

Hardware Assisted Security for Healthcare

Healthcare Client

AES- NI

IPT Anti-Theft

vPro AMT

Healthcare Server

AESNI

VT SSD

(AES)

SSD

(AES) TXT VT TXT

• SSD (Solid State Drive) with AES: high performance encryption of data at rest

• AES-NI (Advanced Encryption Standard—New Instructions): high performance, robust encryption

• IPT (Identity Protection Technology): strong 2-factor authentication

• Anti-Theft: mitigating risk of loss or theft of a client with sensitive data at rest

• vPro AMT (Active Management Technology): improving manageability, patching and compliance

• VT (Virtualization Technology): accelerates virtualization and enables anti-malware

• TXT (Trusted Execution Technology): protects confidentiality and integrity of virtualized systems

• XD (Execute Disable Bit): prevents execution of malware from data memory

• OS Guard (Operating System Guard): prevents execution of malware from application memory

• Secure Key: digital random number generation

vPro

AMT

XD XD OS Guard Secure Key

Enhancing End to End Cloud Security Intel & McAfee: Securing the Cloud

www.intel.com/cloudsecurity www.mcafee.com/datacenter

Secure Cloud Data Centers

In next 5 years, make cloud security equal to or better than traditional best in class enterprise security

Secure the Connections

Secure User & Intelligent Devices

Industry Collaboration

Available Today Future Developments

Accelerate broad adoption of security standards for cloud & enable broad range of open, interoperable security solutions

Protect infrastructure + policy enforcement & monitoring

Intel VT & TXT, McAfee MOVE AV, McAfee ePO1, Application Control

1 Integrating McAfee ePolicy Orchestrator (ePO) with Intel TXT requires custom integration work

Secure data & traffic between enterprises & clouds

McAfee Cloud Security Platform

Identity & Data Protection

Intel Identity Protection Tech., McAfee Cloud Identity Manager,

McAfee Deep Defender

Broaden & strengthen security enforcement and auditability across cloud infrastructures

Increased integrity assessments between devices

and cloud infrastructure

Enhanced protections against new forms of malware and

identity theft

Hardware-enhanced security + software & services key to achieve mission

Summary

• Healthcare is undergoing a rapid transformation

• Agile organizations will be best positioned to adapt quickly to this changing environment

• Cloud computing can enable agile, cost effective, and highly available solutions… but ensuring security and compliance concerns are addressed is paramount

• Intel is working with fellow travelers to produce secure, high performance, cloud solutions that help meet compliance and integration needs of the healthcare industry

Additional Resources • Chris Gough chris.s.gough@intel.com • Intel Healthcare IT Professionals

http://premierit.intel.com/community/ipip/healthcare

• Peake Healthcare Innovations Medical Imaging Cloud http://www.youtube.com/watch?v=1n2dXGWPFmc

• Transforming the Health IT Storage Landscape http://www.youtube.com/watch?v=dhC7O9R_-3w

• Cloud Security: Built from the Ground Up http://www.youtube.com/watch?v=ellmGntUA3w

• GNAX Health: Protecting Healthcare Data in the Cloud http://premierit.intel.com/docs/DOC-6393

• Secure Healthcare Cloud: Start Now http://premierit.intel.com/docs/DOC-6130

• Intel Expressway Product Line http://software.intel.com/en-us/articles/Perimeter-Security-Products/

• Intel Cloud Builders http://www.intel.com/itcenter/topics/cloud/cloudbuilders/index.htm

• Open Data Center Alliance http://www.opendatacenteralliance.org/

Thank You