Penn Medicine Academic Computing Services Newsletter
Newsletter

PMACS IS Quarterly Newsletter

Metrics (June 2017)

HPC Statistics
  • CPU Hours — 433,261
  • Disk Activity (TB) — 1,623
  • Archive Activity (TB) — 840
  • Total Number of Users — 490
LIMS Statistics
  • Total Number of Users — 210
  • Total Samples — 521,307
CTMS Statistics
  • Total Studies – 3,144
  • Total Subjects – 87,731
  • Total Active Accounts - 309
Customer Service Group (CSG) Tickets
  • Total Tickets –  2,269
  • Total Support Hours – 3,867

Technology Initiatives

Administration

AMP Admissions System

PMACS worked together with the Admissions Office to implement the new AMP Admissions System for the Perelman School’s undergraduate medical education (UME) program.  In June, PMACS implemented this new vendor system for use by approximately 6,000 applicants.

AMP replaced common admissions functionality such as admissions applications and applicant status pages that were previously provided by internally PMACS-developed software.  The use of AMP frees the PMACS software development team to refactor admissions processes that are unique to the Perelman School in a second project phase.

The new approach of leveraging both vendor and in-house developed software provides a way to eliminate aging, hard-to-maintain software while maintaining the unique characteristics of our admissions process.

Microsoft Office O365

Beginning in late August, Perelman School users who use ISC’s Zimbra (“mail.med”) email services will be transitioned to a new platform: Office 365.  Given the benefits offered by new versions of email and calendar applications, Penn Medicine is moving the health system and Perelman School to Office 365 so that we are all on a shared collaboration platform.

Penn Medicine O365 offers a number of benefits over our current system that will make your email and calendar management easier:

  • Larger inbox quotas: O365 provides 50 GB storage and unlimited archiving, versus Zimbra’s “mail.med’s” 4 GB maximum
  • Calendar: You will be able to see free/busy times for anyone in Penn Medicine and schedule meetings more easily; Penn Medicine will also integrate free/busy times with the university’s O365 instance in a future release.

Over the coming weeks, you will receive more information about the migration to Penn Medicine O365.  Please stay tuned!

New Service Information Officer (SIO)

The PMACS Service Information Officers (SIOs) serve as the liaisons between PMACS and the School of Medicine.  Their responsibilities include:

  • architecting information technology (IT) solutions for grant proposals or administrative needs
  • assisting with customer service
  • managing projects

We are fortunate to welcome Chris Dymek as our newest SIO.  Chris joins PMACS after two years as part of project management office.  He has significant research system experience from the pharmaceutical industry as well as several years at Penn Medicine.

You can contact Chris via email (Christopher.Dymek@uphs.upenn.edu).

Research

Laboratory Information Management System (LIMS) Upgrade

In April, PMACS successfully upgraded our LabVantage system to version eight. The new version provides LIMS customers with support for current web browsers (enhancing security) and a more modern, streamlined user interface (enhancing usability). Several groups have already begun to use new “out-of-the-box” features in version eight such as a generic bio-banking workflow and storage restrictions to minimize human error when filing samples. New server and storage infrastructure, deployed along with the upgrade, offers improved performance and increased accessibility to printers across Penn Medicine.

PMACS Storage Services

There are several data storage options available within the PMACS research and high-performance computing (HPC) environments.  Each are briefly described along with their respective cost models.

PMACS User Home Account
PMACS provides all supported users with a home account and a 100 GB file share allocated for work documents.  This file share is not to be used for the following:

  • project-specific files that may need to be shared for collaborative activities.
  • files containing intellectual property or personal identifiable information (PII). 

Backup of the home account occurs on a daily, weekly, and monthly schedule.  There is no charge for this storage.

Research “Low Cost” Storage
The low-cost storage tier provides a cheaper alternative for those who need temporary storage of a data set or do not need backups for business continuity.  Backup for this tier is only a daily snapshot, and the maximum data retention period is six months.  Unlike NAS (Network Attached Storage) devices, PMACS staff actively manage the low-cost tier.  The standard charge is $10/TB/month.

Research “Commodity” Storage
Commodity storage is the primary environment for research data. This storage is available across the PMACS supported environment and is accessible to desktops, VM servers, clusters, etc.  PMACS can tailor the storage for sponsor-specific data, intellectual property (IP) protection, HIPAA requirements, or other Data Use Agreement (DUA) specific needs.  Backup is on a daily, weekly, and monthly schedule to ensure business continuity.  This storage environment has a standard charge of $30/TB/month.

HPC Disk Storage
The HPC cluster nodes are attached to 1.8 Petabytes of IBM Storwise V7000 disk storage, housed in two separate performance tiers.  There is no backup to this storage, as it is designated for high throughput performance. The disk is presented to the compute nodes via a ten-node IBM Scale Out Network Attached Storage (SONAS) system leveraging the IBM General Parallel File System (GPFS). This HPC storage is priced as a fee-for-use model, and clients have the ability to purchase only the storage they need, for as long as they need it while using the HPC clusters. This storage environment has a standard charge of $55/TB/month.

Archive Storage
Long-term archive storage is available to investigators wishing to maintain their research data in a cost-effective and retrievable manner. This storage is a tape-based system that is accessible via simple Mac, Windows, or Linux drive mapping. This long-term storage is priced as a fee-for-use model, and clients have the ability to purchase only the storage they need, for as long as they need it. While it is slower than archive, it has expansion capabilities into the thousands of terabytes. This storage environment has a standard charge of $15/TB/month.

PMACS-supported Storage

PMACS User Home Account  – 100GB no charge
Research “Low Cost” Storage $10/TB/month
Research “Commodity” Storage $30/TB/month
HPC Disk Storage $55/TB/month
Archive Storage $15/TB/month

Please contact the PMACS SIOs or LSPs if you have any questions.

User Tip

Lessons from the WannaCry Ransomware Attack

The following article is based on a recent security awareness newsletter from the SANS Institute, a leader in cybersecurity education.

Overview

Recently, you most likely watched widespread news coverage of a new cyber-attack called WannaCry. It infected over 200,000 computers worldwide and locked numerous organizations out of their data, including hospitals in the United Kingdom. There are several reasons this attack gained so much attention. First, it spread rapidly from computer to computer by attacking a known weakness in Windows computers. Second, the attack was a type of malware called Ransomware, which meant that once it infected your computer it encrypted all your files, locking you out of your data. The only way you could recover your data was from backups or by paying the attacker a $300 ransom to decrypt all of your data. The third and most important reason this attack gained so much attention was that it never should have happened. The weakness that WannaCry attacked in Windows computers was well known by Microsoft, which had released a fix months earlier. However, many organizations failed to install the fix, or were still using operating systems that are no longer supported by Microsoft. Here are three simple steps you can take to make sure attacks like WannaCry never infect your computers.

Patching

First, make sure your computers, mobile devices, apps, and anything else connected to the Internet are up-to-date. Cyber criminals are constantly looking for new vulnerabilities in the software your devices use. When they discover vulnerabilities, they use special programs to exploit them and hack into the devices you are using. Meanwhile, the companies that created the software for your devices are hard at work fixing these vulnerabilities by releasing updates. By dutifully installing these updates on your computers and mobile devices, you make it much harder for someone to hack you. That is what was so frustrating about the spread of WannaCry: the updates to fix and stop the attack had been released almost two months earlier by Microsoft. Had organizations kept their computers up-to-date, the attack would never have worked. To ensure that your devices stay current, enable automatic updating whenever possible to almost any technology connected to a network. This includes not just your computers and mobile devices, but also Internet-connected TVs, home routers, and gaming consoles (and someday perhaps even your car). If your operating systems or devices are so old that they are no longer supported with security updates, as is the case with Windows XP, replace them with new ones that are supported.

Backups

In some cases, cyber-attacks like Ransomware may even infect up-to-date systems. A second way to protect yourself is to back up your data. Backups are copies of your information stored somewhere other than on your computer or mobile device. When you lose valuable data, you can recover that data from your backups. Unfortunately, too many people fail to perform regular backups, even though they are simple and inexpensive.

Phishing

Finally, bad guys are always updating and changing their methods of attack. Cyber criminals often use another attack method called phishing. Phishing is when cyber criminals send you an email that tries to trick you into opening an infected attachment or visiting a malicious website. If you do either, your computer may become infected. While WannaCry did not involve phishing, this attack method is commonly used for many other types of attacks, including most types of Ransomware. In addition, the cyber criminals who developed WannaCry will undoubtedly update their attack methods in the coming months and use new techniques, such as phishing, to infect even more computers. The key to protecting yourself against such email-based attacks is common sense. If an email or message seems odd, suspicious, or too good to be true, it is most likely an attack.

If you have any questions, please contact Information Security at medsecurity@mail.med.upenn.edu

For more security-related information, visit the PMACS Information Security web page:
http://www.med.upenn.edu/pmacs/

Back to Top ↑