Secure Research: A Modern Framework for Modern Needs

Planet has worked extensively with higher education institutions, non-profit research groups, and DIB organizations to establish compliant secure enclaves. Whether these enclaves serve research or production workloads, we have seen two common use cases emerge for these organizations:

  1. Establish foundational Azure environments to support future project needs.
  2. Identify project workloads.

In both scenarios, institutions have recognized that shifting their research enclaves from a “cloud fit” to “cloud first” thinking enables them to reduce their risk of full ownership of compliance and provide higher level of services to support their storage, databases, and other traditional IT needs.

Universities are turning to the cloud to provide PI’s and researchers with access to services, establish ATO’s for federally funded research, and maximize storge, thereby minimizing the need for one-size-fits-all investments to on-premises environments.

The value of the cloud for these workloads is based on the need for short-term resources to long term projects where dynamic scaling is required. Whether it’s an individual researcher requiring compute/storage to conduct a statistical program, to a 3-year project for collecting and analyzing data, the broad set of cloud services enables organizations to support any use case, without requiring large scale capex expenditures. Finally, the grant proposals themselves require specific cybersecurity and regulatory compliance to be addressed, and research directors are in decision-making mode to upgrade and invest their on-prem infrastructure or shift the research infrastructure to the cloud.

As universities evaluate their options for the cloud, they are faced with the challenge of establishing a baseline secure enclave, with governance and enabling scalability to meet the myriad of cybersecurity controls (NIST, CMMC, HIPAA).

Shared Responsibility Model

Ensuring security and compliance in academic research is a challenging and expensive process, especially when on-premises systems and varied data sets are involved. With research teams using standalone systems, many institutions are stuck traversing the compliance process multiple times for each new grant, award, or sponsored research effort. It can take weeks or even months to establish a compliant system before moving forward with the sponsored research effort. With the growing need for collaboration and sharing of data among universities, researchers, and the government, the question is not just about how: it’s also about how these organizations can do so securely and efficiently.

The Challenge:

Supporting secure research in cloud environments typically involves creating the cloud environment that is specifically designed for the researchers (Research Enclaves). While the CSP’s addressed that aspect, it is but a small piece of the puzzle. Internal IT teams are burdened with institutional enterprise infrastructure management and project support. Researcher requests may end up in queue, which in turn may impact universities’ ability to obtain the necessary funding in the timeframes required for Grant approval.

What’s Missing, Yet Needed

Researchers and IT staff are not discussing solutions to create a simplified and agile end-to-end service to accommodate universities beyond the creation of an enclave, when this model that builds upon the CSP secure enclave provided is exactly what’s needed!

In the “everything-as-a-service” world that we live in today, research universities should be provided with a step-by-step guide for requesting and provisioning compliance and service management as a complete solution that can be managed by Planet and/or the institutions’ internal IT teams.

With the movement towards productizing IT services/capabilities, the research-enclave-as-a-service approach would unburden internal IT and in turn require less ramp up and training time. Similarly, organizations could also look at mitigating risk, as they are not asking internal IT teams to manage differing and complex compliance and security controls that may fall outside of their traditional internal policies and day-to-day activities.

The ability to introduce agility and end-to-end service specifically catered to the researcher’s needs, which includes the ability to track its specific spending, is not something that we should only be thinking about, it’s what universities should be expecting!

It’s Real and It’s Here!

We’re not just hypothesizing: Over the past few months, we have shown university researchers how they can accomplish this today.

When we talk modernization, it’s not just for the enterprises that we support. It’s for every use case including those with specific requirements and protected data needs. Providing a programmatic approach to quickly provision while ensuring NIST 800-53 and 800-171 as well as any additional compliance requirements based on your specific research initiative is a conversation that every research institution should be implementing.

The cloud has enabled faster business outcomes, so why is leveraging it for faster great enablement and research outcomes lagging? Planet is here to move research into modern times one institution at a time.