Harvard Steps Up to Data Protection

BOSTON -- StorageWorld -- From dealing with thousands of online attacks a day to overseeing a major storage and disaster recovery overhaul, John Halamka, CIO of Harvard Medical School has his hands full.

"Harvard and Harvard Medical school are attacked every seven seconds, 24 hours a day, seven days a week," he explained, during his keynote speech here today, adding that the bulk of the attacks come from Eastern Europe. "It is a constant battle -- we have to innovate faster than the hackers," he added.

The exec also prompted laughter from the audience when explaining that he also has to cope with online attacks from eastern Cambridge, home of MIT. "Give these guys more homework or something!" he quipped.

As well the usual slew of intrusion prevention and detection systems, Halamka explained that he has had to go an extra mile to secure the medical school's systems. "We have locked down our environment -- ninety-plus percent of all our devices are 'ten-dot addressed' at this point," he said.

"Ten-dot addressing" is a method of adding additional binary code to an IP address, making it more difficult for hackers to access internal systems.

Additionally, the medical school employs three full-time staff solely to check logs. "We're constantly looking at audit logs for evidence of badness," he added.

Encryption is also high priority for Halamka and his team. "We encrypt everything on the wire to ensure that it never travels from device to device unencrypted." But, he explained, the school does not encrypt the data at its source, explaining that at the moment, it's simply too complex.

The exec, in addition to his Harvard role, is also CIO of healthcare firm The CareGroup, which oversees three Massachusetts hospitals, including the university's Beth Israel Deaconess facility, Mount Auburn Hospital, and New England Baptist Hospital.

This, explained Halamka, brings its own set of storage challenges, as the organization shifts around 100 Tbytes of data through 8,000 end-user devices every day. Then there are the retention issues to address. "I have to store every medical record for 9 million people for 30 years. Of course, this makes storage companies really happy," he said.

The exec is using information lifecycle management (ILM) as a way round this problem, despite some skepticism from other users about the technology. (See Users Cite ILM Shortfalls.) EMC's Symmetrix DMX hardware is the CareGroup's primary storage tier, with Clariion devices providing the secondary and tertiary levels. Centera hardware is used as an archive, with StorageTek PowderHorn devices handling backup tapes at a facility some 35 miles from Boston.

The exec, however, is looking to change his firm's reliance on offsite tapes. "If suddenly we have a catastrophic event, it's pretty hard to get a recovery time objective of 15 minutes if the tapes are offsite," he said.

At the moment, the Care Group relies on a single Boston data center to handle all this data, which is an additional disaster recovery risk. "If I have a catastrophic loss of this building, then I have a catastrophic loss of my storage assets," said Halamka.

To address both these problems, Halamka has focused his attention on an old data center some two miles away from his primary site. "We're repurposing a legacy data center that we had closed down some years ago," he said, explaining that he is building gigabit Ethernet links between the two sites. "The reality now is that we can virtualize storage across two disparate locations. We can say, 'Let's put a tape silo here and a tape silo there,' " he explained.

The exec, who already uses VMware to virtualize his 200 Wintel servers, told Byte and Switch that his secondary data center will be up and running sometime next year.

— James Rogers, Senior Editor, Byte and Switch