With hundreds of millions of dollars in Federal Grant funding at stake, research universities must comply with Federal data protection standards within their research programs. Hear how UMD worked with Nutanix and Tera Insights to automate and streamline their ability to meet complex requirements of NIST 800-171 to protect controlled unclassified information (CUI).
INDUSTRY
Higher Education
BENEFITS
- Consolidated, encrypted infrastructure platform meets standards for NIST 800-171 as required for federal grants to protect Controlled Unclassified Information (CUI)
- Straight forward interface will provide security and convenience for researchers
- Ability to spin up new resources fast helps ensure the university is qualified for needed grants
SOLUTION
- Nutanix Enterprise Cloud
- Tera Insights tiCrypt
- Acropolis AHV
APPLICATIONS
- Business productivity applications
- MATLAB data analytics
- Linux scientific computation workloads
BUSINESS BENEFITS
The University of Maryland is the state’s flagship university and a global leader in research. In the 2019 fiscal year, UMD received a total of $570 million in external research funding. As the only major public research university inside the Washington, D.C. beltway, the institution is uniquely positioned for federal partnerships and grants. This work often includes stringent data protection requirements to be met by researchers. With demand anticipated to grow, the university needed a secure infrastructure that would make it easy for researchers to access the IT resources they needed for their projects while meeting compliance requirements for grant eligibility. The university deployed a combined solution featuring powerful encryption management from Tera Insights tiCrypt, running on a hyperconverged infrastructure (HCI) from Nutanix. This secure, flexible solution enables the university to size its IT resources appropriately while providing a clear pathway to scale.
With the Nutanix HCI, everything is there all in one spot, so you don’t have to worry about things like external storage connectivity. It’s all rolled in, requiring a minimal amount of effort to manage, with strong performance and high security. The solution delivers a win-win all the way around.
Jeff McKinney, Director of Engineering IT Operations, University of Maryland
CHALLENGES
Located just outside Washington, D.C., the University of Maryland strives to discover and share new knowledge through its renowned research enterprise and academic programs. Standards are high for receiving federal grant funding, and an increasing number of opportunities are contingent on compliance with the U.S. National Institute of Standards and Technology (NIST) security standards. “More and more grants must meet the NIST 800-171 compliance standard for handling controlled information,” said McKinney. “The data is not classified, but might potentially include information from entities like the Department of Defense (DoD), the Centers for Disease Control and Prevention (CDC), the Department of Energy (DOE) or National Security Agency (NSA). The government basically said that if we wanted to gain those types of grants, we would have to implement a more secure infrastructure.”
The University of Maryland needed a solution that could deliver the security it needed to qualify for grants without adding IT management complexity and overhead. The university was reluctant to engineer a back-end infrastructure as some institutions have done. “We were looking for technology that would assist us, so we would not have to do so much work on the process side of things,” said McKinney. “We didn’t want to have to worry about supporting both the hardware and software. We wanted a simplified approach with streamlined support processes.”
SOLUTION
After considering several options, the university chose a combined infrastructure solution from Nutanix and Tera Insights. Nutanix Enterprise Cloud, with its built-in security, and the Acropolis AHV hypervisor, based on hardened Kernel-based Virtual Machine (KVM), provided a highly secure HCI environment. This platform was an ideal complement to Tera Insights tiCrypt software, which makes file sharing simple and secure through the utilization of public/private key encryption. The solutions work together seamlessly to enable a single secure platform for handling research data while masking complexity.
“Nutanix and tiCrypt both use KVM under the covers, so that made it easier to make them work together as a purpose-built tool. On the back end, we got a known, trusted name in Nutanix,” said McKinney. “It’s very straightforward, and everything we need to see and manage is all there in the GUI. It just makes life easy.”
CUSTOMER OUTCOME
The combined Tera Insights and Nutanix solution helps automate application and provisioning processes for grant-based research, offering the ability to scale rapidly to accommodate unexpected changes and new grant requests. “I wanted an easy way to manage the back end and know that it would be the right configuration and that we could easily grow it as well,” said McKinney. “We have no idea how many grants are actually going to come in based on NIST requirements, so we wanted a solution that could easily grow if we needed it.”
With Nutanix, administrators can rapidly add new resources to the platform with just a few mouse clicks, to take advantage of more grant opportunities more often. “If someone walks in and tells us that they have received a new $10 million grant, but it needs five times the infrastructure, that’s a good problem to have— but only if you are ready to handle it quickly,” said McKinney. “All these grants are subject to limited time frames, and if it takes you six months or more to set one up, you are in trouble.”
The powerful encryption provided by Tera Insights tiCrypt also helps protect data from unauthorized access or exfiltration, while making it easy for researchers to work on the platform. “Administration is where Tera Insights really shines,” said McKinney. “Because this is set up in such a way that everything is encrypted, the system admin does not have access to the data, so they would not be able to accidentally or intentionally expose data. The platform was designed from the ground up with security in mind.”
NEXT STEPS
With its new platform nearly in production, the University of Maryland is finalizing procedures to provide access to researchers throughout the organization. The scalable solution provides numerous options for expansion as well. To facilitate storage of research data, the university is evaluating Nutanix Files to enable software-defined scale-out file storage solutions with simplified self-service management.
The new platform can also potentially support high-performance computing (HPC) applications by enabling administrators to extend their resources without compromising security. Thomas Samant, Director of Product at Tera Insights explained, “Tera Insights is working on an add-on feature for HPC. Once the feature is complete, the system will be able to utilize resources in HPC clusters by bringing available nodes into tiCrypt’s secure enclave. As a result, users will be able to run anything from smaller batch processing jobs to full-scale MPI jobs within tiCrypt. This way you can use your existing HPC resources as part of a NIST 800-171 infrastructure without having to re-architect your HPC system.”
The University of Maryland is looking forward to continuing to grow and build on its secure, encrypted platform to take advantage of new grant opportunities well into the future.