Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Entity–attribute–value model wikipedia , lookup
Data center wikipedia , lookup
Computer security wikipedia , lookup
Data analysis wikipedia , lookup
Clusterpoint wikipedia , lookup
3D optical data storage wikipedia , lookup
Data vault modeling wikipedia , lookup
Microsoft SQL Server wikipedia , lookup
Information privacy law wikipedia , lookup
Strengthening Data Security and Creating More Time for Patient Care Customer: Beth Israel Deaconess Medical Center Website: www.bidmc.org Customer Size: 8,000 employees Country or Region: United States Industry: Healthcare Customer Profile Beth Israel Deaconess Medical Center (BIDMC), based in Boston, is a teaching hospital for Harvard Medical School. Regularly cited as a “best hospital” in multiple specialties by U.S. News & World Report, BIDMC is also known for its innovative use of IT in healthcare. Software and Services Microsoft Server Product Portfolio − Microsoft SQL Server 2014 Enterprise Microsoft Azure Platform − Microsoft Azure HDInsight Services − Microsoft Power BI for Office 365 Technologies − Active Directory Domain Services For more information about other Microsoft customer successes, please visit: www.microsoft.com/casestudies “This solution speeds up the process of monitoring security events in near-real time and allows us to detect any suspicious activities quickly.” Ayad Shammout, Director of Data Platform & Business Intelligence, Beth Israel Deaconess Medical Center IT administrators at Beth Israel Deaconess Medical Center are using new database technology to stop data breaches in seconds—and help physicians focus even more on patients. Business Needs Like most doctors today, physicians at Boston’s Beth Israel Deaconess Medical Center (BIDMC) don’t have a lot of time on their hands. Their days are packed full of checkups and surgeries for the thousands of patients that come through the hospital’s doors every year. So when they have trouble logging on to one of the hospital’s clinical information applications, that’s a problem. If the system isn’t letting them in, time that could be spent counseling patients or accessing critical medical information is lost. A Frustrating Wait for IT As part of the hospital’s commitment to data security, the IT team uses a security event monitoring system to track every network logon attempt. But if physicians called to report logon trouble, the IT team would often have to wait more than one hour for the monitoring system to run a report based on data from a Microsoft SQL Server database. The database collects data from all security events, such as failed logons. “We ran that report every hour, so if somebody called the help desk to say their account was locked and they didn’t know why, we resolved the issue for them quickly, but our investigation to find the root cause of the problem could take up to an hour,” says Ayad Shammout, Director of Data Platform & Business Intelligence at BIDMC. That wait time was frustrating for IT, which needs to be able to quickly identify why a logon attempt failed. Was it simply a forgotten password? Or something worse, such as a cyberattack that might compromise the account—and possibly personal patient information? In an era when data breaches happen with alarming regularity, even in hospitals, BIDMC needs to ensure it’s on top of the situation. “We have to quickly investigate every system login problem to find out if there’s any suspicious behavior,” Shammout says. “We had to have a faster way of getting this information. If there’s a data breach, and I’m under pressure to run some queries to find out what’s going on, I don’t have minutes to wait to run that query.” The Need for Speed Part of the reason the BIDMC security event monitoring system took so long was that the process for collecting event data was slow. In that process, six domain controllers fed event data to a central table in SQL Server. But the job that reads the data and updates the table, conducted at the top of every hour, took up to three minutes.. The process was further delayed because the hospital’s numerous data warehouses included multiple data sources and hundreds of millions of table rows of data. In fact, the BIDMC IT team relies on Microsoft technology for approximately 200 application databases, including missioncritical clinical software and a security system. As a result, it could take up to 45 seconds to run a query. “If we face an immediate threat, and it takes the better part of a minute for security staff to run a query, that’s not acceptable,” says Don Wood, Manager of Database Administration at BIDMC. “And by the time they get results back, the data might no longer be relevant, so they could have to run the query over and over again.” Additionally, the hospital kept only 30 days of data as part of its service level agreements for the security monitoring system. Although this kept performance from slowing down even more, it also made it difficult for administrators to look for recurrent patterns over longer periods of time, such as a history of failed logon attempts from specific users or IP addresses. “So we needed faster query performance but also more insight into security events,” says Shammout. Optimizing Memory with a New Database Solution BIDMC started down the road to improved performance by implementing Microsoft SQL Server 2014 Enterprise software. Specifically, the hospital wanted to take advantage of the in-memory columnstore feature in SQL Server 2014, which improves transactional performance and data compression. As a way to gain more insight into historical security event data, the hospital is also experimenting with the use of cloud-based offerings such as Microsoft Azure HDInsight and Microsoft Power BI for Office 365. HDInsight is an Apache Hadoop implementation that runs in the cloud, and Power BI provides a set of online analytics and reporting tools. The hospital’s IT team created a data warehouse based on SQL Server 2014 for the security event monitoring system. The new solution works with Active Directory Domain Services to collect all security event data throughout the hospital network. Security and help-desk staff use the system every day to look for unsuccessful logons, suspicious activities, or patterns that might indicate a cyberattack. These staff members are also able to work directly with the large data sets by using Microsoft Power Query for Excel, instead of relying on the BIDMC IT team to aggregate the information. In addition, the IT team created an interactive report with dashboards that returns results within seconds. Cutting Query Time by 75 Percent For the hospital’s IT administrators, the difference in system performance before and after SQL Server 2014 was dramatic. For example, query execution times have dropped by 75 percent in some cases. “Some of our queries have a 45-second execution time,” notes Wood. “With SQL Server 2014, that dropped to 10 seconds. That’s a huge improvement.” The organization is also using the new solution’s built-in data compression capabilities to increase the data retention period from 30 to 90 days before archiving the information. “We can keep 90 days of data with no impact on performance,” Shammout says. Several months after the initial deployment, Beth Israel implemented the in-memory online transaction processing (OLTP) solution in SQL Server 2014. InMemory OLTP is a memory-optimized database engine integrated into the SQL Server engine and designed to improve transactional performance and data compression. It uses main memory optimization and no-locking/no-latching concurrency control mechanisms to remove bottlenecks caused by scaling up. This case study is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Document published November 2014 Benefits In addition, the event data update process, which used to run once an hour, can now be run every five minutes because of performance improvements achieved through In-Memory OLTP. And the job itself, which used to take up to five minutes to run, now takes only seconds. “When we first started running these jobs after deploying SQL Server In-Memory OLTP, we thought the domain controllers had stopped sending data because we saw no delays at all,” says Shammout. “The data was being inserted into the table immediately.” Data Breach Discovery in Seconds The result of this vast improvement in system speed is that BIDMC can now get to the root cause of failed logons in mere seconds. “From an IT perspective, we can find out what’s going on immediately when there’s a logon issue or unusual activities,” Shammout says. “And our security and help-desk staff not only can get answers faster but also can look at the event by IP address, user name, or specific time. They have more information at their fingertips now, so we have a better and faster ability to stop a potential data breach at the hospital.” to-end solution with the built-in BI stack in SQL Server 2014.” BIDMC is also able to analyze more data than before. “We can insert 5 million records a day into the security event monitoring system now,” says Shammout. And the hospital anticipates that it can maintain high levels of performance even when it triples the volume of historical data in its warehouse. As a result, it can gain better insight faster to help meet its service level agreements and keep the hospital running smoothly and securely. “The volume of data always keeps growing,” says Wood. “With SQL Server 2014, we can improve our availability and performance— and ultimately provide better data service for patient care.” The hospital has already conducted a proof of concept in which it stores large amounts of unstructured log data in HDInsight Blob Storage, processes it with HDInsight, and then uses on-premises BI tools to analyze the information. In a separate project, BIDMC business users have tried out Power BI tools such as Power Q&A, a natural-language query feature that automatically generates reports based on questions asked. “We’d really like to move forward with HDInsight,” says Shammout. “Already, different clinical departments in the hospital have implemented cloud solutions, so they’re becoming much more open to the cloud as an idea, and they’re more confident in the security of cloudbased applications.” Helping IT Staff Focus on Security and Physicians Focus on Their Patients Because they can more quickly identify whether or not they’re dealing with a security breach, BIDMC administrators can be more proactive about security. “This solution speeds up the process of monitoring security events in near-real time and helps us detect any suspicious activities quickly,” says Shammout. Physicians, meanwhile, can focus even more on healthcare because IT has more time to help physicians who are struggling to start critical healthcare applications. “From a user perspective, our physicians obviously need to access clinical applications quickly,” says Shammout. Better Access to Big Data Looking further ahead, BIDMC hopes to use HDInsight and Power BI to gain better access to big data within the hospital by extending its on-premises infrastructure with cloud services. “What I’ve found with HDInsight is that it removes a lot of administrative headaches,” says Wood. “It’s a straightforward and easy process to scale out and add new resources. HDInsight can be used for storage and provides an end- A Role Model for Data Security As it continues to expand its use of innovative technologies, BIDMC expects to be seen as a role model by other regional hospitals that are considering their own data security solutions. “We are part of the larger Harvard network, and many of the other hospitals in that network look to us to see what technologies we’re implementing,” says Shammout. “Solutions like this one put us ahead of the game. At an IT level, these other hospitals can learn from us once we go live, and I don’t doubt that they’ll follow suit with their own solutions once they see what we’re doing here to better monitor and secure our data.” This case study is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Document published November 2014