Aws jvaria e_collaborationforum
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Aws jvaria e_collaborationforum

on

  • 489 views

 

Statistics

Views

Total Views
489
Views on SlideShare
489
Embed Views
0

Actions

Likes
0
Downloads
5
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Technology innovation has always driven the growth of Amazon.com.  As Amazon expanded its product offerings for retail customers, the company also expanded customer segments. After over a decade of building and running a highly scalable web application, Amazon.com, the company realized that it had developed a core competency in operating massive scale technology infrastructure and datacentres, and embarked on a much broader mission of serving a new customer segment—developers and businesses—with a platform of web services they can use to build sophisticated, scalable applications.  In 2006, we launched Amazon Web Services and officially began offering businesses and developers access to the web scale computing services based on Amazon’s own back-end technology infrastructure. AWS gives any developer the keys to this infrastructure, which they can use to build and grow any business.  This makes it possible for any business to reach the scale of major internet players like Amazon.com, but without the expensive price tag they would have to pay to build and maintain such a reliable, secure, and scalable infrastructure.  “It's not customers' job to invent for themselves. It's your job to invent on their behalf. You need to listen to customers. You need to invent on their behalf. Kindle, EC2 would not have been developed if we did not have an inventive culture.” - Jeff Bezos, Founder & CEO, Amazon.com
  • To give you an idea of growth and investment that we are doing and how much capacity we are adding to meet our demand. In the year 2000, Amazon.com was a 2.7B enterprise. Today, AWS is adding amount of storage and compute capacity that Amazon required in year 2000 every day. So conceptually, five days from now, it will be five times the capacity required to run 2.7B enterprise. If you think about it, its huge.
  • To give you an idea of growth and investment that we are doing and how much capacity we are adding to meet our demand. In the year 2000, Amazon.com was a 2.7B enterprise. Today, AWS is adding amount of storage and compute capacity that Amazon required in year 2000 every day. So conceptually, five days from now, it will be five times the capacity required to run 2.7B enterprise. If you think about it, its huge.
  • Our customers continue to make very heavy use of Amazon S3. We now process up to 500,000 S3 requests per second. Many of these are PUT requests, representing new data that is flowing in to S3. As of the end of the fourth quarter of 2011, there are 762 billion (762,000,000,000) objects in S3.
  • We have customers in 190 countres. You will notice that I have some big brand names like shell, Capital IQ
  • To understand why there’s all this excitement, it’s helpful to look at analogies of some major changes that have occurred in other industries over time. Here’s a picture of our CEO at the museum of a beer manufacturing facility in Belgium. This is their electric generator that they used over 100 years ago. There was no electric grid or utility industry then. If you wanted electricity, you made it yourself. That probably seemed very natural at the time – but I guarantee you that making their own electricity didn’t make their beer taste any better. Well, a couple decades later, the electric grid sprang up, and companies stopped making their own electricity; that was a fundamental shift in how they consumed one of their major inputs, and this freed them up to focus on things that likely mattered a lot more to their customers – like the beer. We think the chance exists for the company-owned data center to undergo just as fundamental a transformation over the coming years, as companies realize that they don’t necessarily have to be experts in this. People are now starting to glimpse that future, and find it pretty exciting.
  • Businesses of all sizes need business applications to implement new ideas, streamline existing businesses, drive sales, and increase productivity. But behind each business application there is a sea of complexity and cost. Business applications need servers, storage, datacenter space, power, bandwidth, networking, cooling, etc. They also need development, testing, quality assurance, production and fail-over environments. It’s easy to see why even the largest companies with the best IT departments face significant challenges to get the business applications they need. The reality is that buying and managing on-premise infrastructure to run business applications is costly and complexIt’s very common for business users to wait months for new physical servers to be ordered and delivered. Meanwhile IT is busy managing the purchase process, negotiating contracts, discussing support options, etc. When the servers arrive, IT still has a lot of heavy lifting to do before they are ready to run business applications: find datacenter space, install the software stack, optimize settings, etc. And when the applications are finally deployed, IT has to maintain the new environment, manage uptime, apply patches, scale up or down, etc. It’s no surprise that most organizations spend a large portion of their IT budgets keeping the lights on. In fact, Gartner estimates that the average IT department spends 80% of its time and resources just maintaining existing systems.This means that very little is left for IT to drive innovation and respond quickly to business needs.
  • Cloud computing is a better way to run your business. The cloud helps companies of all sizesbecome moreagile. Instead of running your applications yourself you can run them on the cloud where IT infrastructure is offered as a service like a utility. With the cloud, your company saves money: there are no up-front capital expenses as you don’t have to buy hardware for your projects. The massive scale and fast pace of innovation of the cloud drive the costs down for you. In the cloud, you pay only for what you use just like electricity.The cloud can also help your company save time and improve agility – it’s faster to get started: you can build new environments in minutes as you don’t need to wait for new servers to arrive. The elastic nature of the cloud makes it easy to scale up and down as needed. At the end of the day you have more resources left for innovation which allows you to focus on projects that can really impact your businesses like building and deploying more applications. “With the high growth nature of our business, we were looking for a cloud solution to enable us to scale fast. Think twice before buying your next server. Cloud computing is the way forward.” - Sami Lababidi, CTO, Playfish
  • We have really come a long way. Today, Amazon Web Services is not just one service but a suite of services that enterprises can leverage to deploy highly mission-critical applications with confidence.
  • Amazon Web Services is steadily expanding its global infrastructure to help customers achieve lower latency and higher throughput. As our customers grow their businesses, AWS will continue to provide infrastructure that meets their global requirements.
  • Andy did his research and came up with 2 part strategy for the company. First part was around desiging green field applications optimized for the cloud from day one. The other part was having phased driven migration plan for the existing application -line of business applications so that they too can take advantage of the all the benefits the cloud provides. This strategy has worked for several of our customers and I think it perfectly prudent to have Hybrid applications some applications running in-house while moving the rest of applications to the cloud.
  • BioSense 2.0BioSense 2.0 protects the health of the American people by providing timely insight into the health of communities, regions, and the nation by offering a variety of features to improve data collection, standardization, storage, analysis, and collaboration.Using the latest technology, BioSense 2.0 integrates current health data shared by health departments from a variety of sources to provide insight on the health of communities and the country. By getting more information faster, local, state, and federal public health partners can detect and respond to more outbreaks and health events more quickly.BioSense 2.0 is community controlled and user driven. This approach ensures that it remains flexible and responsive to users’ changing needs and that the development and evolution of BioSense 2.0 will continue in phases after November.CDC funded the Association of State and Territorial Health Officials (ASTHO) to host this new environment and, in coordination with in coordination with the Council of State and Territorial Epidemiologists (CSTE), National Association of County and City Health Officials (NACCHO), and International Society for Disease Surveillance (ISDS), facilitates a governance body of state and local health stakeholders that represents all BioSense 2.0 users.
  • BioSense 2.0BioSense 2.0 protects the health of the American people by providing timely insight into the health of communities, regions, and the nation by offering a variety of features to improve data collection, standardization, storage, analysis, and collaboration.Using the latest technology, BioSense 2.0 integrates current health data shared by health departments from a variety of sources to provide insight on the health of communities and the country. By getting more information faster, local, state, and federal public health partners can detect and respond to more outbreaks and health events more quickly.BioSense 2.0 is community controlled and user driven. This approach ensures that it remains flexible and responsive to users’ changing needs and that the development and evolution of BioSense 2.0 will continue in phases after November.CDC funded the Association of State and Territorial Health Officials (ASTHO) to host this new environment and, in coordination with in coordination with the Council of State and Territorial Epidemiologists (CSTE), National Association of County and City Health Officials (NACCHO), and International Society for Disease Surveillance (ISDS), facilitates a governance body of state and local health stakeholders that represents all BioSense 2.0 users.
  • CloudPrime’sHealthDirect provides an easy-to-deploy service for healthcare application integration in a HITECH and HIPAA-compliant mannerCloudPrime establishes secure network connections between end-users and Amazon EC2, allowing customers like the Wound Center to transfer patient and billing files between medical centers.In addition to meeting privacy and safety regulations, the Wound Center is achieving $433,000 in cost savings each year while concentrating their efforts on their core duties, rather than looking for errant files
  • Building a Community PartnershipAround Personalized OncologyA personalized medicine serviceFormed: 2009 - Grand Rapids, MichiganFounded by stakeholders of a decade of development by Van Andel Institute and three west Michigan oncology groupsFocus: Created to support community oncologists in enhancing personalized treatment of their patientsUnlocking the world of information in real time, within the oncologists patient flowLeveraging the latest complete molecular profiling techniques to guide therapeutic intervention decisionsAligning the latest evidenced based and actionable information at the point of treatment decision
  • AWS During Normal Commercial OperationsMolecular data is provided to Personalized Medicine Engine (PMed Engine) in the cloudAlgorithms and predictions are calculated and drug data provided back to the HIPAA compliant hostDrugs within disease context are sent to four content stored in the cloud to align drug / disease context
  • DiskAgent provides a HIPAA compliant soluton for continuous online data backup, data loss prevention and protection against identity theft.Amazon S3 availability and encryption capabilities enable DiskAgent to to meet HIPAA’s contingency access control requirements.As a result of the partnership with AWS, DiskAgent’s customers no longer need to worry about data availability and encryption and can instead focus on other mission critical information technology projects.
  • You can choose to deploy and run your applications in multiple physical locations within the AWS cloud. Amazon Web Services are available in geographic Regions. When you use AWS, you canspecify the Region in which your data will be stored, instances run, queues started, and databases instantiated.For most AWS infrastructure services, including Amazon EC2, there are seven regions: US East (Northern Virginia), US West (Northern California), EU (Ireland), Asia Pacific (Singapore) and Asia Pacific (Tokyo), AWS GovCloud (US) and US West (Oregon).Within each Region are Availability Zones (AZs). Availability Zones are distinct locations that are engineered to be insulated from failures in other Availability Zones and provide inexpensive, low latency network connectivity to other Availability Zones in the same Region. By launching instances in separate Availability Zones, you can protect yourapplications from a failure (unlikely as it might be) that affects an entire zone. Regions consist of one or more Availability Zones, are geographically dispersed, and are in separate geographic areas or countries. The Amazon EC2 service level agreement commitment is 99.95% availability for each Amazon EC2 Region.
  • Mix and Match to get the best bang for buck and further savings.Several of our customers have certain type of regulatory workloads that restrict them to run applications on the same physical host as other customers. Noisy Nieghbor Syndrome. We solved that by introducing Dedicated Instances. Dedicated Instances are available only within VPC where only one customer can spin up instances on one physical host.
  • You can extend your corporate datacenter to the cloud. Create a private slice of the public cloud and define your own network topology so that your corporate network can breathe in and breathe out. This year, we also released one dedicated
  • This is how most of the enterprises are leveraging VPC – What I call the new Enterprise IT network architecture – which will be powered by the cloud.
  • Natural language processing (NLP) of clinicaltext offers great potential to expand secondary use ofhigh-value electronic health record (EHR) data, but abarrier to adopting NLP is the high total cost ofoperation, driven mainly by the costs and limitedavailability of technical personnel in applied healthresearch settings.
  • Examining AWS, you’ll see that the same security isolations are employed as would be found in a traditional datacentre.  These include physical datacentre security, separation of the network, isolation of the server hardware, and isolation of storage.  AWS customers have full control over their data: they own the data, not us; they choose which location to store the data and it doesn’t move unless the customer decides to move it; they can encrypt their data at rest and in motion, just as they would in their own datacenter.  Amazon Web Services provides the same, familiar approaches to security that companies have been using for decades.  Importantly, it does this while also allowing the flexibility and low cost of cloud computing.  There is nothing inherently at odds about providing on-demand infrastructure while also providing the security isolation companies have become accustomed to in their existing, privately-owned environments.AWS is a secure, durable technology platform with industry-recognized certifications and audits: PCI DSS Level 1, ISO 27001, FISMA Moderate, HIPAA, SAS 70 Type II. Our services and data centers have multiple layers of operational and physical security to ensure the integrity and safety of your data. Visit our Security Center to learn more http://aws.amazon.com/security/.Certifications and Accreditations: AWS has successfully completed a SAS70 Type II Audit, and will continue to obtain the appropriate security certifications and accreditations to demonstrate the security of our infrastructure and services. PCI DSS: We finalized our 2011 PCI compliance audit, publishing our extensive Report on Controls (ROC) with an expanded scope. Our new November 30, 2011 PCI Attestation of Compliance, a document from our auditor stating we are compliant with all 12 PCI security standard domains, is available now for customers considering or working on moving PCI systems to AWS. The new Attestation of Compliance document includes some key changes this year: This year we’ve added RDS, ELB, and IAM as in-scope services. The addition of these services is fantastic news for PCI customers since they can now leverage RDS to store cardholder and transaction data, use ELB to manage card transaction traffic, and rely on IAM features as validated control mechanisms that satisfy PCI security standard requirements. Consistent with last year, EC2, S3, EBS, and VPC continue to be in scope.  Physical Security: Amazon has many years of experience in designing, constructing, and operating large scale data centers. AWS infrastructure is housed in Amazon-controlled data centers throughout the world. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers, and the data centers themselves are secured with a variety of physical barriers to prevent unauthorized access.Secure Services: Each of the services within the AWS cloud is architected to be secure and contains a number of capabilities that restrict unauthorized access or usage without sacrificing the flexibility that customers demand. Data Privacy: AWS enables users to encrypt their personal or business data within the AWS cloud and publishes backup and redundancy procedures for services so that customers can gain greater understanding of how their data flows throughout AWS.“In essence, the security system of AWS’s platform has been added to our existing security systems. We now have a security posture consistent with that of a multi-billion dollar company.” - Jim Warren, CIO, Recovery Accountability and Transparency Board (RATB)
  • Security is not optional. We have to built it every single layer right from perimeter to the application. In the cloud, security is a shared responsibility. Infrastructure security is responsibility of the AWS. This year amazon worked really hard and now have achieved all the security certifications. Best of all you get all these security certifications for free. Even if you don’t have credit card workloads, you still get the same secure infrastructure. For Infrastructure security, you can get full SAS 70 audit report on requestFor Services Security, we provide detailed technical documentation on how to use the featuresFor Application Security, we have security bulletins (security center), provide you with security guidance, Premium Support
  • What is Numera|Social?Numera|Social is a Facebook and mobile application to help people improve their health. We have paid quite a bit of attention to the nuances of what it really takes for people to change their behavior and we’ve tried to implement that through a social plus mobile platform that we’re making available to all sorts of health-centered organizations to take on as their own.How does it work?In Facebook, (users) can launch the app like Farmville or any other social game... First an individual would go in and really think through their goals -- what do they want to accomplish? Once you’ve set goals, we then recommend personal health action plans to you, which are really the center of the application... There’s so much health information out there on the web that people actually get stuck, they can’t make a decision, so what we’ve tried to do is work with experts to develop action plans that really give people a blueprint to how they achieve their goal.For less than the cost of a full-time developer, you can immerse consumers in your own Facebook and iPhone turnkey applications to keep them engaged in your programs. Research proves that compelling action plans and social network interaction fuels participation. Numera Social brings your brand to life throughout the day by offering individuals your expertise, combined with the support of their peers and friends.  Deploy with health coaching guidance you develop, or choose from our growing library of expert behavior-change plans and challenges. Spark a chain reaction that fuels healthy behavior, better outcomes, and lower costs.Numera Social’s integrated Facebook and iOS apps provides you with a platform to help individuals focus on:Goals. Tools to help establish areas of focus and achievable objectives.Action. Expert plans and challenges that fuel individual and peer-supported progress and success.Results. Sustained engagement, compliance and outcomes are measured using objective data.

Aws jvaria e_collaborationforum Presentation Transcript

  • 1. The Cloud as a Platform for Better Health Presented by: Jinesh Varia 02/23/2012DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily represent official policy or position of HIMSS.
  • 2. The Cloud
  • 3. Each day , AWS adds theequivalent server capacity to power Amazon when it was a global, $2.76B enterprise (circa 2000)
  • 4. Growth of our storage service Peak Requests: 762 Billion 500,000+ per second 262 Billion 102 Billion 40 Billion 2.9 Billion 14 Billion Q4 2006 Q4 2007 Q4 2008 Q4 2009 Q4 2010 Q4 2011 Total Number of Objects Stored in Amazon S3
  • 5. Customers in 190 Countries
  • 6. Why are people so excited about the cloud?
  • 7. Helps you focus on your application
  • 8. On-Premise Infrastructure is Costly& Complex Large Capital Expenditures Underutilized IT Assets Patching Software Out of Datacenter Space Scaling down as needed Slow IT Deployments Contract negotiation Scaling up quickly Prices too high for IT products Managing physical growth “IT spends 80% of its time and resources keeping the lights on”
  • 9. Cloud Computing Benefits Are Real No Up-Front Low Cost Pay Only for Capital Expense What You Use Self-Service Easily Scale Up Improve Agility & Infrastructure and Down Time-to-Market Deploy
  • 10. The AWS Cloud Tools to access services Cross Service features High-level building blocks Low-level building blocks
  • 11. Global InfrastructureGovCloud US West US West US East South EU Asia Asia (US ITAR (Northern (Oregon) (Northern America (Ireland) Pacific Pacific Region) California) Virginia) (Sao Paulo) (Singapore) (Tokyo) AWS Regions AWS Edge Locations
  • 12. Enterprise Cloud Strategy Cloud Benefits Zero upfront investment Build a New Cloud-Ready applications On-demand provisioning Cloud Design Instant scalability Strategy Existing Planned Phased Auto scaling and elasticity Applications migration Pay as you goHealth 2.0 Startup Removes undifferentiated heavy lifting or SMB Firm Developer productivity or Automation Large Enterprise
  • 13. Choice of development and system management tools Choice of location (Region) Purchasing Options Choice of Operating Systems On-Demand, Reserved, Spot, Linux, Windows, Suse, RedHat…. Invoice, Credit Card FlexibilityChoice of Databases (Commercial)Oracle, SQL Server, MySQL, Programmable InfrastructurePostGres… Choice of programming language Choice of as much or as little – Java, Ruby, Python, Perl, .NET.. And only pay only what you use
  • 14. The Cloud as a Platform
  • 15. The Cloud as a Platform For Collaboration – Data
  • 16. Data Collaboration • Storage Services • Amazon S3 • Amazon EBS • Amazon DynamoDB • Transfer Services • AWS Import/Export • AWS Storage Gateway • Identity and Access Management • Federation • Encryption features • Amazon S3 Server Side Encryption • Client side encryption • Key Management (Partners)
  • 17. BioSense 2.0 protects the health of theAmerican people by providing timelyinsight into the health of communities,regions, and the nation by offering avariety of features to improve datacollection, standardization, storage,analysis, and collaboration. Facts: 1. Authorization to Operate (ATO) from CDC 2. FISMA- Moderate 3. CDC use NIST Standards for Certification & Accreditation Process (NIST SP 800-18, NIST SP 800-37, NIST SP 800-53) 4. Launched on 15 Nov 2011 5. In AWS GovCloud Region (US-Persons only)
  • 18. Hospital State Data HIE Lockers Warehouse State/LocalHealth User/ AdminSystem State Health Department BioSense Essense Authorized Collaborator Hospital HIE CDC User Health System State Health Dept. Cloud
  • 19. Data Exchange and Integration
  • 20. The Cloud as a Platform For Collaboration – Data
  • 21. The Cloud as a Platform For Collaboration – Data For Clinical Research
  • 22. Patient Specific Education at Point Of Care Moment Clinical Disease Clinically Actionable / Evidenced Based Information at the Global Patient Point of Care ClinicallyMolecular Specific Molecular Moment Actionable Information Information Disease Treatments Patient Specific Physician Education They create a patient specific story designed to support treatment decision 25
  • 23. Personalized Medicine Service• 8 Algorithms• 54K molecular data points • Four content stores• Asynchronous • 30M+ records analysis • Textual search engine
  • 24. OncInsights Report• Interactive• Explore Evidence• Easy to NavigateClinical Knowledge SystemAlignment of molecularly identified therapeutic candidates …With clinically relevant knowledge in the disease context• Scientific Literature• Clinical Trials• Compendium Support
  • 25. The Cloud as a Platform For Collaboration – Data For Clinical Research
  • 26. The Cloud as a Platform For Collaboration – Data For Clinical Research For Data Protection
  • 27. Data Protection and Disaster Recovery Continuous Online Data Backup
  • 28. Regions and Availability Zones Customer Decides Where Applications and Data Reside
  • 29. Dedicated Instances On-demand Reserved Spot Dedicated Instances Instances Instances Instances • Pay as you go • Onetime • Requested • Standard and upfront + Pay Bid Price and Reserved as you go Pay as you go • Single Tenant • Starts from • $56 for 1 • $0.005 /Hour Instances 0.02/Hour year term as of today at • $10/Region + and then 9 AM 0.105/Hour $0.01/Hour For Steady For Time- For Regulatory For Spiky State insensitive and Compliant Workloads Workloads workloads Workloads
  • 30. The Cloud as a Platform For Collaboration – Data For Clinical Research For Data Protection
  • 31. The Cloud as a Platform For Collaboration – Data For Clinical Research For Data Protection For Corporate Apps
  • 32. Extend your existing datacenter 10G DirectConnect Amazon Corporate Location Virtual Private Data Center Cloud
  • 33. Corporatedata center Availability Zone 1 DirectConnect Location 10G Router Private Customer VPN Gateway Subnet Gateway CorporateHeadquarters Internet Public Subnet Gateway Amazon VPC Availability Zone 2Branch Offices Amazon S3 Amazon SES New Enterprise IT Network Amazon SimpleDB AWS Region Amazon SQS architecture
  • 34. Cloud-based NLP Service A Strategy for Deploying Secure Cloud-Based Natural Language Processing Systems for Applied Research Involving Clinical Text David Carrell
  • 35. Built on Security Standards Certifications Physical Security HW, SW, Network SOC1 Type 2 Datacenters in Systematic change (SAS-70) nondescript facilities management ISO 27001 Physical access Phased updates strictly controlled deployment PCI DSS 2.0 for EC2, S3, EBS, VPC, Must pass two-factor Safe storage RDS, ELB, IAM authentication at decommission least twice for floor FISMA Moderate Automated access Compliant Controls monitoring and self- Physical access audit Enables HIPAA & logged and audited ITAR Compliant Advanced network Architecture protectionAWS Security and Compliance Center: http://aws.amazon.com/security
  • 36. Security is a Shared ResponsibilitySOC1 Type 2 Audit Encrypt data in transitISO 27001/2 Certification Encrypt data at restPCI DSS 2.0 Level 1-5 Protect your AWS CredentialsHIPAA/SOX Compliance Rotate your keysFISMA A&A Moderate Infrastructure Application Secure your applicationFEDRamp/GSA ATO Security Security How we secure our How can you secure your infrastructure application and what is your responsibility? Services Security Enforce IAM policiesWhat security options Use MFA, VPC, Leverage S3and features are available bucket policies, EC2 Securityto you? groups, EFS in EC2 Etc..
  • 37. Security and Compliance Assessment You own the data, not AWS. You choose which geographic location to Involve your store the data. It doesn’t move from AWS region unless you decide to move it. Security and You have the flexibility to decide when and how you will encrypt your data while it is Compliance in transit and while it is at rest based on sensitivity of your data Teams early in You can download or delete your data whenever you like. the process You can set highly granular permissions to manage access of a user within your organization to specific service operations, data, and resources in the cloud for greater security control.
  • 38. The Cloud as a Platform For Collaboration – Data For Clinical Research For Data Protection For Corporate Apps
  • 39. The Cloud as a Platform For Collaboration – Data For Clinical Research For Data Protection For Corporate Apps For Platforms
  • 40. The Cloud as a Platform For Collaboration – Data For Clinical Research For Data Protection For Corporate Apps For Platforms
  • 41. The Cloud as a Platform For Better Health
  • 42. Thank you! Jinesh Variajvaria@amazon.com Twitter:@jinman http://linkedin.com/in/jinman