Ensuring Data Integrity in the Cloud Environment
Transcript of Ensuring Data Integrity in the Cloud Environment
4/12/2020
ENSURING DATA INTEGRITY IN THE CLOUD ENVIRONMENT
PRESENTATION - PEERS
APRIL 16, 2020
ORLANDO LOPEZ
E-COMPLIANCE AND E-RECORDS INTEGRITY SME
OBJECTIVE
• The objective of this presentation is to go over the elements of data integrity that impact cloud-related services.
REFERENCES
• NIST SP 800-27rA, Engineering Principles for Information Technology Security (A Baseline for Achieving Security), Revision A
• López, O., “Electronic Records and Cloud Computing”, in Best Practices Guide to Electronic Records Compliance, (CRC Press, Boca Raton, FL, 1st ed., 2017), pp. 193-199.
REFERENCES (CONT.)
• López, O., “A Computer Data Integrity Compliance Model,” Pharmaceutical Engineering, March 2015.
• Regulatory Analysis (rev 03-November-2019) https://drive.google.com/open?id=1EqeWvGAipuuwQJh2qf0v7ru50BiWzov-
• ECA Data Integrity & IT Compliance Group, “ECA ITWG Cloud SP Selection SOP Draft 001,” https://www.it-compliance-group.org/icg_best-practice.html
• López, O., “Designing Data Integrity into your Practices,” presented at the PEERS Meeting, Durham, NC, 04/19/2018.
DEFINITIONS
DEFINITIONS
Back end Architecture. Comprises the part of the cloud computing architecture that powers the front-end architecture. This includes the core components of the system such as hardware and storage and is generally located in a server farm in a geographically distant location.
Cloud Computing. A model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with essential characteristics. (NIST)
DEFINITIONS
Data or Data Elements. The contents of the record; the basic unit of information that has a unique meaning and can be transmitted. (ISO/IEC 17025)
Data Flow. Diagram that maps the flow of information of any process or system (inputs, outputs, storage points and routes between each destination). (CEFIC)
DEFINITIONS
Data Integrity. The property that data has not been altered in an unauthorized manner since it was created, transmitted or stored. (NIST SP 800-27rA) The extent to which all data are complete, consistent and accurate throughout the data lifecycle. (MHRA)
Front end Architecture. Denotes any user-facing part of cloud computing architecture. This is the part that the end user interacts with, and it comprises the subcomponents that make up the user experience. Front end architecture generally takes the form of a user interface and is an integral part of how the user interacts with cloud computing software.
DEFINITIONS
Metadata. Data describing stored data: that is, data describing the structure, data elements, interrelationships, and other characteristics of electronic records. (DOD 5015.2-STD)
Raw Data. Original records and documentation, retained in the format in which they were originally generated (i.e. paper or electronic), or as a ‘true copy’. (MHRA)
DEFINITIONS
Record. Records are defined as the collection of related data treated as a unit (ISPE/PDA, “Technical Report: Good Electronic Records Management (GERM),” July 2002).
In a regulated environment, a record provides evidence of various actions taken to demonstrate compliance with instructions, e.g. activities, events, investigations, and in the case of manufactured batches a history of each batch of product, including its distribution. Records include the raw data which is used to generate other records. For electronic records regulated users should define which data are to be used as raw data. At least, all data on which quality decisions are based should be defined as raw data. (Eudralex Vol 4 Ch 4)
CLOUD DIAGRAM
MHRA
• Where ‘cloud’ or ‘virtual’ services are used, attention should be paid to understanding the service provided, ownership, retrieval, retention and security of data.
SIMPLIFIED ARCHITECTURE CLOUD DIAGRAM
Infrastructure as a service (IaaS)
• servers
• databases
• network
• storage
Platform as a service (PaaS)
• A PaaS provider hosts the infrastructure on its own infrastructure.
Software as a service (SaaS)
• Software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet.
Business Process as a Service (BPaaS)
• A new model for cloud services where the cloud service provider takes full responsibility for not only the design, management, and control of its software application but also the operation of the business process on behalf of the client company.
ANOTHER CONTRACTUAL ARRANGEMENT
SaaS
• Regulated user – SaaS
• Supplier – Application
• Supplier context – PaaS portion hired by supplier (PaaS hosted by other)
PRO AND CON
PRO
• Lower cost for developing a system.
• Faster development and deployment.
• Lower overhead cost to maintain the system.
CON
• Incomplete control of system maintenance.
DATA INTEGRITY APPROACH
DATA INTEGRITY APPROACH
• Back end environment (Supplier)
• Front end environment (Regulated user)
• Assumptions:
– SLA (EU Annex 11-3)
– GAMP software category 1 - Operating systems
– GAMP software category 3 - Non-Configured software
– GAMP software category 4 - Configured software
– GAMP Hardware category 1 - Standard Hardware Components
– Supplier provides a Core Application Software
– Regulated user provides a configuration. Core + Configuration = intended use
DATA INTEGRITY APPROACH – BACK END
BACK END COMPUTING
• Application – interface being offered to the end user. Coordinates the needs of the user with resources in the back end.
• Service – storage, application development environment, web services.
• Cloud Runtime – where the service runs. Virtualization allows multiple runtimes to exist on the same server.
• Storage – where all data required to operate the cloud software resides.
• Infrastructure – engine powering all cloud software.
BACK END COMPUTING
• Security – securing the server with virtual firewalls, data loss prevention, and redundancy mechanisms.
• Management – Also known as “middleware,” it is software in charge of allocating specific resources for certain tasks. It is used to divide system resources and infrastructure in a seamless and dynamic manner.
DATA INTEGRITY – BACK END
• Creating
• While in transit
• Storing
• Processing
DATA INTEGRITY – BACK END
SLC RECORDS
• Requirements, Functional and Design Specifications
• Configuration
• Testing documents
• Verification results, Executed validation protocols, Summary reports
• Change control records
• CAPA records
• Others
WORKFLOW RECORDS
• Records created by the application
• Manually entered data
• Data from other systems
• E-signatures
• Audit trails and metadata
SLC RECORDS
• Regulated user
– Potential Data Migration (11-4.8)
– Risk Assessment (11-1)
– Suppliers (11-3)
– Requirements (11-4.4)
– Periodic Reviews (11-11)
– Security (11-12)
– Incident Management (11-13)
– Business Continuity (11-16)
– Printouts (11-8)
– Data
  • I/Os (11-5)
  • Accuracy Checks (11-6)
– Self Inspection
• Supplier (supplier manages)
– Service Level Agreement
– 2nd Principle (Infrastructure should be qualified)
– Requirements (11-4.4)
– Validation (11-4)
– Configuration Management (11-10)
– Periodic Reviews (11-11)
– Security (11-12)
– Incident Management (11-13)
– Business Continuity (11-16)
– Data
  • Data Migration (11-4.8)
  • I/Os (11-5)
  • Data Storage (11-7)
  • Data Archiving (11-17)
  • Accuracy Checks (11-6)
– Self Inspection
– E-sig (11-14)
WORKFLOW RECORDS
• Creating
• While in transit
• Storing
• Processing
CREATION OF E-RECORDS
• All data become a record when the data is saved to a durable storage location.
• To avoid transient data, the data must be saved contemporaneously.
• CGMP controls for transient data:
– Infrastructure must be qualified. (EU Annex 11 Principle 2)
– System holding transient records must contain built-in checks. (EU Annex 11-5)
– Accuracy for transient data entered manually. (EU Annex 11-6)
E-RECORDS WHILE IN TRANSIT
• E-records integrity controls:
– Infrastructure must be qualified. (EU Annex 11 Principle 2)
– System transmitting e-records must have built-in checks. (EU Annex 11-4.8 and 5)
– Accuracy for transient data entered manually. (EU Annex 11-6)
– E-records cannot be altered in an unauthorized manner. (EU Annex 11-12.1)
PROCESSING E-RECORDS
• Archiving (EU Annex 11-17)
• Audit trails (EU Annex 11-9)
• Built-in checks (EU Annex 11-5)
• E-signatures (EU Annex 11-14)
• Printouts/Reports (EU Annex 11-8)
• Security (EU Annex 11-12)
STORED E-RECORDS
• Migration (EU Annex 11-4.8)
• E-records in Storage (EU Annex 11-7)
• File Integrity Checking
• Records Archiving (EU Annex 11-17)
• Records retirement (MHRA DI Guidance Section 6.7)
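The file integrity check listed above, as an added example that is not part of the presentation: a SHA-256 manifest over stored e-records, sealed with an HMAC so that the manifest itself is tamper-evident, then re-verified to report altered, missing and unexpected files. MANIFEST_KEY and the record files are constructed placeholders.

```python
import hashlib
import hmac
import json
import os

# Constructed placeholder: in practice the manifest key lives in a key store
# that storage administrators cannot read (separation of duties).
MANIFEST_KEY = b"example-manifest-key-not-for-production"


def sha256_file(path: str) -> str:
    """Stream the file so large raw-data files need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: str) -> dict:
    """Hash every stored record under root and seal the list with an HMAC,
    so editing the manifest to match an altered file is also detected."""
    entries = {}
    for dirpath, _, names in os.walk(root):
        for name in sorted(names):
            full = os.path.join(dirpath, name)
            entries[os.path.relpath(full, root)] = sha256_file(full)
    body = json.dumps(entries, sort_keys=True).encode()
    return {"entries": entries,
            "seal": hmac.new(MANIFEST_KEY, body, "sha256").hexdigest()}


def verify_manifest(root: str, manifest: dict) -> dict:
    """Return the deviations found; all-empty lists mean integrity holds."""
    body = json.dumps(manifest["entries"], sort_keys=True).encode()
    expected = hmac.new(MANIFEST_KEY, body, "sha256").hexdigest()
    result = {"manifest_tampered": not hmac.compare_digest(expected, manifest["seal"]),
              "altered": [], "missing": [], "unexpected": []}
    present = set()
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            present.add(rel)
            if rel not in manifest["entries"]:
                result["unexpected"].append(rel)   # file added outside the controlled process
            elif sha256_file(full) != manifest["entries"][rel]:
                result["altered"].append(rel)      # content changed since the manifest was built
    result["missing"] = sorted(set(manifest["entries"]) - present)
    return result
```

Keep the manifest (or its seal) in the audit trail so a periodic review can prove the stored records are unchanged since archiving.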
DATA INTEGRITY APPROACH – FRONT END (REGULATED USER)
FRONT END COMPUTING
• Software - web browser or client-side application
• User Interface
• Client Device/Network - user’s PC and input devices
FRONT END ENVIRONMENT
• Interface between regulated user infrastructure, internet, and cloud infrastructure.
• Middleware and drivers associated with the communication to the cloud.
• SLA
REGULATED USER ENVIRONMENT
• E-records integrity controls:
– LAN infrastructure must be qualified. (EU Annex 11 Principle 2)
– Cryptographic infrastructure (e.g., VPN) must be qualified. (EU Annex 11 Principle 2)
– System transmitting e-records must have built-in checks. (EU Annex 11-4.8 and 5)
– Operating procedures.
SUMMARY
• To simplify the analysis of data integrity controls for a cloud system, the environments to be controlled can be set as Front End and Back End.
• In the back end, or supplier’s environment, the controls can be segregated as records creation, records while in transit, records in storage, and records processing.
• In the front end, or regulated user environment, the only data integrity controls are related to the interface between the front and back end.
FIN