Posted by Sandeep Chandra, Division Director, San Diego Supercomputer Center. The San Diego Supercomputer Center (SDSC) offers a secure, end-to-end cloud cyberinfrastructure – called Sherlock Cloud – along with a portfolio of managed services for protecting sensitive data. The services are available to any organization needing a secure environment. Sherlock Cloud’s resources can be tailored to the individual project’s needs while leveraging economies of scale and shared expertise. Thus new projects can be deployed and managed without a large investment of time, cost, or infrastructure.
Sherlock’s Security Standards
Developed by the SDSC Health Cyberinfrastructure (CI) Division, the Sherlock Cloud services have been available to various UC entities, government and state agencies, and academic researchers since 2008. The infrastructure was built to comply with the Federal Information System Management Act (FISMA) requirement and to comply with hundreds of National Institute of Standards and Technology (NIST) controls governing system access, information control, and management processes (i.e., NIST 800-53). It also addressed federal Cloud First requirements.
Subsequently, the Division expanded its cloud offering to include environments compliant with the Health Insurance Portability and Accountability Act (HIPAA), Controlled Unclassified Information (CUI), and Cybersecurity Framework (CSF). In fact, the division has been designated as an SDSC “Center for Excellence” for secure HIPAA compliant managed cloud services. Because the flexibility that HIPAA, CUI, and CSF provide in terms of compliance results in ambiguity with respect to requirements, the Health CI Division relied on the stricter requirements outlined in NIST to satisfy the HIPAA, CUI, and CSF requirements. Thus, the Sherlock Cloud environment includes additional security requirements above and beyond those outlined in HIPAA, CUI, and CSF.
Benefits of Partnering with Sherlock Cloud
Sherlock partners reap the benefits of a highly secure environment to protect their sensitive data. In addition, they can exercise a more hands-off approach when it comes to the intricacies and requirements of compliance. The Health CI Division provides a complete, end-to-end solution for all of the services related to its cloud hosting and compliance. For more information: