New secure research environment, ‘LASER,’ welcomes first users

When updated federal guidelines called for changes in how researchers handle genomic data, HMS IT acted quickly to create a new, secure platform. That platform, dubbed LASER for Longwood Area Secure Environment for Research, recently welcomed its first users. 

Work to create LASER began in 2024 after the National Institute of Health (NIH) updated its Genomic Data Sharing (GDS) Policy to better protect sensitive human genomic information voluntarily provided for research (NOT-OD-24-157). The updated policy implemented more stringent standards that require approved users, namely researchers who handle data from controlled-access genomic data repositories, to treat such data as Controlled Unclassified Information (CUI) which must comply with NIST 800-171.  

A new, secure platform would be needed at HMS to ensure researchers’ continued access to vital data under the new security requirements. Balancing urgency with a desire to ensure an effective solution was completed to a high standard, the HMS IT staff conducted fact-finding and background information gathering sessions, planning sessions with HMS IT Leadership, consultations with other impacted universities, and interviewed affected researchers working with genomic data sets to understand their needs. 

Partnering with the Office of Research Administration (ORA) to identify labs who needed a compliant environment, HMS IT built LASER on time for HMS researchers to meet the federal mandate. It onboarded its first researchers into the environment in March. 

“After the NIH genomic data sharing requirements changed in January, people would not have been able to leverage the data available via these different repositories [with HMS IT's existing compute resources],” said Kathleen Chappell, Research Computing Consultant at HMS IT. “How does [LASER] help? It enables scientists to do their research based upon the data that’s available in these repositories." 

LASER has technical and administrative controls to protect regulated data, including data encryption in transit and rest, change control processes, robust policies and procedures, a system security plan, data import and export controls, and more. Using The tiCrypt solution from Tera Insights - an environment that evolves as new research requirements emerge – LASER allows high-performance computing on all impacted genomic repository data, including interactive work and batch jobs.

Features 

  • Virtual machines provide "desktops" for interactive work
  • Resource scheduling for high-performance computing and batch analysis (coming soon) 

Security Additions 

  • Isolated from the O2 high-performance computing environment, your desktop, and the Internet
  • Security training and desktop software needed to login
  • Compliance requirements restrict data imports to specific research projects
  • All applications, derived, and reference data need to be inside the environment
  • Controlled data exports compliant with DUA and NIST 800-171 requirements