by Chris Bowen
Chief Privacy & Security Officer and Founder
This is the first in a three-part series on enabling your journey to the cloud and understanding the beneficial role a cloud security architect can play in informing your cloud decisions.
Much of the US healthcare system is broken. Following cancer and heart disease, medical errors comprise the number three (#3) leading cause of death in the U.S.1 Behind this disaster is a fractured and aged infrastructure, inadequate data security and HIPAA compliance, and stifling medical data sprawl. There was a time when healthcare IT teams could handle their own data scaling and security in warehouses or even in the cloud. But now, providers, payers, life sciences and healthcare IT who are working to innovate toward better healthcare outcomes are realizing the days of on premise are behind them. They are seeing an increasing amount of their resources spent on security and compliance, taking time away from business objectives and core competencies.
The need for cloud, with its efficiencies, scalability, flexibility and other benefits, is creating a mass movement toward public cloud for healthcare. Once cloud skeptical, healthcare CIOs have seen the benefits of the cloud and are rapidly adopting compute, storage, and network services from the three major public cloud providers: Microsoft Azure, Amazon Web Services and Google Cloud Platform, among others. The advanced CIO is now using containers, microservices, and serverless technologies. The benefits of cloud computing are now so well known that the tipping point of cloud adoption has passed.
Here are a few reasons for this transformation of rapid adoption:
- Cost — Savvy CIOs will tell you that the cost argument for cloud computing can be misleading; and may warn to beware of death by a thousand cuts. Yes, most cloud functionality comes inexpensively; but based on the volume of workloads, the cost can be significant. Nonetheless, the price of cloud computing, on balance, is lower than with on-premises systems, CIOs only pay for what they use, and the cost is on a relatively constant trajectory downward. The secret to success is in planning your migration for cost optimization and scaling.
- Scale – Instead of acquiring hardware and software ready for the business days of the year, CIOs can burst with enough capacity to provide information at the right time, at lightning speed, and then contract those resources to save money. Clouds are built at scale, precisely to scale, but only as much as is required.
- Agility – Those managing data center operations in a physical data center are keenly aware of the need to plan the deployment of new services around the timing of the delivery truck, the racking and stacking of physical gear in the data center, network integration, and full configuration. That takes time. Healthcare has adopted cloud to be agile; to deliver services to patients as soon as possible.
- Disaster Recovery and Redundancy – While not the most exciting aspect of enterprise IT, DS and redundancy are of critical importance, and the cloud provides an excellent option. Snapshots can be taken at any time, and technologies like change-data-capture (CDC) can be used to optimize the backup processes, such that massive amounts of data need not be uploaded regularly. Moreover, as with other aspects of cloud computing, the costs for online backup continue to trend downwards.
- Security and Compliance — Moody’s released a report that revealed healthcare in general, and hospitals in particular, face significant risks from cyberattacks. In fact, 2018 was a record-breaking year for healthcare data breaches, with 365 healthcare data breaches of 500 or more records reported, up almost 2% from the 358 data breaches reported in 2017 and 83% more breaches than in 2010 .
Perhaps the most prevalent reason behind the wave of adoption was that hackers have gotten much better, and thus the professionals who can effectively harness the most modern tools for outwitting them are an elite group. While this may make the skeptical CIO pause, cloud-based technologies tend to bake in essential services and technologies, including automation, data integrity, and locality controls, enhanced system telemetry, and granular access controls that provide security in ways your IT Team may not be able to. And as a healthcare exclusive provider, ClearDATA can provide defense-in-depth strategies, services and solutions to ensure a secure and compliant environment across Azure, AWS or GCP, more secure than is possible with on premise.