Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


08:05 AM

Harvard Steps Up to Data Protection

Juggling data, devices, and medical records creates multiple challenges

BOSTON -- StorageWorld -- From dealing with thousands of online attacks a day to overseeing a major storage and disaster recovery overhaul, John Halamka, CIO of Harvard Medical School has his hands full.

"Harvard and Harvard Medical school are attacked every seven seconds, 24 hours a day, seven days a week," he explained, during his keynote speech here today, adding that the bulk of the attacks come from Eastern Europe. "It is a constant battle -- we have to innovate faster than the hackers," he added.

The exec also prompted laughter from the audience when explaining that he also has to cope with online attacks from eastern Cambridge, home of MIT. "Give these guys more homework or something!" he quipped.

As well the usual slew of intrusion prevention and detection systems, Halamka explained that he has had to go an extra mile to secure the medical school's systems. "We have locked down our environment -- ninety-plus percent of all our devices are 'ten-dot addressed' at this point," he said.

"Ten-dot addressing" is a method of adding additional binary code to an IP address, making it more difficult for hackers to access internal systems.

Additionally, the medical school employs three full-time staff solely to check logs. "We're constantly looking at audit logs for evidence of badness," he added.

Encryption is also high priority for Halamka and his team. "We encrypt everything on the wire to ensure that it never travels from device to device unencrypted." But, he explained, the school does not encrypt the data at its source, explaining that at the moment, it's simply too complex.

The exec, in addition to his Harvard role, is also CIO of healthcare firm The CareGroup, which oversees three Massachusetts hospitals, including the university's Beth Israel Deaconess facility, Mount Auburn Hospital, and New England Baptist Hospital.

This, explained Halamka, brings its own set of storage challenges, as the organization shifts around 100 Tbytes of data through 8,000 end-user devices every day. Then there are the retention issues to address. "I have to store every medical record for 9 million people for 30 years. Of course, this makes storage companies really happy," he said.

The exec is using information lifecycle management (ILM) as a way round this problem, despite some skepticism from other users about the technology. (See Users Cite ILM Shortfalls.) EMC's Symmetrix DMX hardware is the CareGroup's primary storage tier, with Clariion devices providing the secondary and tertiary levels. Centera hardware is used as an archive, with StorageTek PowderHorn devices handling backup tapes at a facility some 35 miles from Boston.

The exec, however, is looking to change his firm's reliance on offsite tapes. "If suddenly we have a catastrophic event, it's pretty hard to get a recovery time objective of 15 minutes if the tapes are offsite," he said.

At the moment, the Care Group relies on a single Boston data center to handle all this data, which is an additional disaster recovery risk. "If I have a catastrophic loss of this building, then I have a catastrophic loss of my storage assets," said Halamka.

To address both these problems, Halamka has focused his attention on an old data center some two miles away from his primary site. "We're repurposing a legacy data center that we had closed down some years ago," he said, explaining that he is building gigabit Ethernet links between the two sites. "The reality now is that we can virtualize storage across two disparate locations. We can say, 'Let's put a tape silo here and a tape silo there,' " he explained.

The exec, who already uses VMware to virtualize his 200 Wintel servers, told Byte and Switch that his secondary data center will be up and running sometime next year.

— James Rogers, Senior Editor, Byte and Switch

  • EMC Corp. (NYSE: EMC)
  • Storage Technology Corp. (StorageTek)
  • VMware Inc. (NYSE: VMW)

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 9/21/2020
    Cybersecurity Bounces Back, but Talent Still Absent
    Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
    Meet the Computer Scientist Who Helped Push for Paper Ballots
    Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
    Register for Dark Reading Newsletters
    White Papers
    Latest Comment: Exactly
    Current Issue
    Special Report: Computing's New Normal
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    How IT Security Organizations are Attacking the Cybersecurity Problem
    How IT Security Organizations are Attacking the Cybersecurity Problem
    The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    PUBLISHED: 2020-09-22
    Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php.
    PUBLISHED: 2020-09-22
    Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books.
    PUBLISHED: 2020-09-22
    Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new contacts ("Import Contacts" functionality) from a file. It is possible to upload an executable or .bat file that can be executed with the help of a functionality (E.g. the "Application Star...
    PUBLISHED: 2020-09-22
    Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS.
    PUBLISHED: 2020-09-22
    Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the (1) Receiver or Recipient field in the Mailbox feature, (2) OZFORM_GROUPNAME field in the Group configuration of addresses, (3) listname field in the Defining address lists configuratio...