PTP | Cloud Experts | Biotech Enablers

Navigating the Legal Landscape: Data Privacy, Cybersecurity, and AI in Life Sciences

Mai Hiraoka — Wed, 30 Apr 2025 04:08:28 +0000

Startups in biotech, digital health, and life sciences face more than just scientific challenges—they operate under a growing web of legal and regulatory obligations that can dramatically affect their success. That’s why PTP hosted a thought-provoking session on February 27, 2025, featuring Jason Johnson, a partner specializing in data privacy, cybersecurity, and healthcare law.

Jason broke down the legal fundamentals that every growing company must address to stay compliant, secure, and prepared for scaling—especially when handling sensitive data or integrating AI-driven technologies.

Watch the full video on YouTube

Key Topics Covered:

📌 Data Privacy Isn’t Static

Startups must understand that data privacy obligations shift as their business grows and data types evolve. Whether handling personal health information (PHI), sensitive personal data, or data sourced internationally, companies must align with state-specific privacy laws and prepare for broader federal regulations that may soon emerge.

🔒 Cybersecurity Requires Proactive Planning

Jason emphasized the need for robust cybersecurity controls early on—even for pre-revenue startups. He discussed how vendor selection, staff training, and best practices (such as those from AWS) play a crucial role in protecting data, ensuring audit-readiness, and safeguarding IP.

🤖 AI Risks Extend Beyond Technology

Generative AI and ML models bring efficiency—but also introduce risk. Improper use of public LLMs like ChatGPT can accidentally disclose confidential information, jeopardize IP, or even violate partner contracts. Jason advised establishing internal policies that govern employee use of AI tools to protect data and maintain compliance.

🌐 International Data Considerations

With many startups sourcing datasets globally, Jason warned of cross-border regulatory issues, including EU GDPR, China’s data protection laws, and future U.S. tariff policies. Businesses must weigh the legal and logistical implications of using non-U.S. data sources.

🧠 Training Is Non-Negotiable

Finally, Jason highlighted the importance of regular staff training. Many data breaches are due to human error—not technical failure. Educating teams on privacy, security, and responsible AI use is essential to reducing risk and maintaining trust.

Looking for expert support with compliance in AWS environments?
PTP is an AWS Life Sciences Competency Partner trusted by fast-growing biotech organizations to manage cloud operations with compliance in mind.

🔗 Learn more at ptp.cloud

The post Navigating the Legal Landscape: Data Privacy, Cybersecurity, and AI in Life Sciences appeared first on PTP | Cloud Experts | Biotech Enablers.

Resilience First: AWS and PTP Illuminate the Future of Cybersecurity in Life Sciences

Mai Hiraoka — Sat, 01 Mar 2025 05:14:34 +0000

When it comes to life sciences cybersecurity, security and compliance are more than IT checkboxes—they’re the foundation of trust, patient safety, and scientific innovation. At the February 27, 2025 panel hosted by PTP, Hector Rodriguez, Principal Industry Specialist at AWS, delivered an eye-opening session on how biotech and health organizations can strengthen their security posture while accelerating innovation.

With 30+ years in health and life sciences, Rodriguez shared valuable insights on scalable security frameworks, the role of automation and AI, and why cloud-native approaches—especially AWS—enable life sciences companies to meet compliance requirements without slowing down scientific progress.

Watch the full video on YouTube

The Risk of “Adding on” Security

Rodriguez emphasized a shift in mindset: security must be embedded from day one. Too often, organizations treat it as an afterthought, leading to gaps in data integrity and regulatory exposure. In modern cloud-native environments, security should be integrated into the entire software development lifecycle—from architecture to automation.

He highlighted tools like Amazon Q Developer, which helps flag vulnerabilities in real time during code development, and stressed the dangers of hardcoding credentials or neglecting security in CI/CD pipelines.

Let AWS Do the Heavy Lifting

Rodriguez urged attendees to take advantage of what cloud providers do best—manage compliance at scale. With support for over 140 global compliance frameworks out of the box, AWS allows customers to “inherit” baseline security measures like HIPAA, GxP, and ISO standards. This helps reduce the need for expensive security consultants while empowering life sciences compliance teams to stay focused on innovation.

Serverless and Auto-Scaling for Security at Scale

One of the most impactful takeaways was the power of serverless architectures. Rodriguez explained that serverless computing allows AWS environments to scale automatically—without compromising security. Tools like Secrets Manager, Key Management Service, and Auto Scaling help protect sensitive information and increase resilience with minimal manual overhead.

The New Security Chain of Custody

Rodriguez also called attention to the importance of third-party supply chain security. Breaches in unknown software vendors have disrupted major clinical systems, underscoring the need for visibility across the full environment.

AWS Config, Certificate Manager, and Security Hub enable continuous compliance monitoring, drift detection, and encryption verification—making them essential components of a secure, cloud-native infrastructure, and a critical part of PTP’s Security Monitoring approach.

Resilience > Ransomware

Rodriguez stressed that the most dangerous cybersecurity threat today isn’t ransomware—it’s a lack of resilience. For biotech and clinical research organizations, downtime can delay clinical trials and ultimately harm patients.

Through services like AWS Resilience Hub and the AWS Well-Architected Framework, life sciences companies can establish recovery plans, audit environments, and minimize business disruptions.

“The question is no longer if a breach or failure will happen—it’s how quickly your systems can recover when it does.” – Hector Rodriguez

AI, Automation, and the Road Ahead

Rodriguez concluded with a look at the future: AI and automation are critical for scalable security operations. AWS uses machine learning to detect anomalies and automate remediation—reducing human error while increasing visibility and control.

For companies balancing security and compliance with innovation, the message was clear: embed security early, lean on cloud-native solutions, and let AWS do the heavy lifting so your team can focus on R&D, clinical trials, and commercialization.

🔗 Learn more: Full Panel Recap: Privacy, Cybersecurity & Compliance in Life Sciences

Build resilience into your security architecture

Let us help you strengthen your security posture with a Well-Architected Framework Review focused on compliance and resilience.

👉 Claim your 50% off security assessmentor explore👉 PTP's AWS Marketplace Offers

The post Resilience First: AWS and PTP Illuminate the Future of Cybersecurity in Life Sciences appeared first on PTP | Cloud Experts | Biotech Enablers.

The Impact of AWS Lambda’s End of Support for Older Python and Node.js Runtimes: Why Migrating is Critical for Your Cloud Strategy

Mai Hiraoka — Sat, 16 Nov 2024 03:30:06 +0000

PTP Solves: Migrating AWS Lambda Runtimes for Secure, Compliant Biotech Applications

As biotech and pharmaceutical research organizations increasingly adopt cloud-based solutions to accelerate data processing and analysis, the tools that support these workflows must evolve to meet growing demands for performance, security, and scalability. For many businesses relying on AWS Lambda to run lightweight, event-driven applications, these changes can have a significant impact on operations. In particular, AWS regularly announces the end of support for older Python and Node.js runtimes, which means companies need to be aware of deprecations and have a plan of action.

In this post, we’ll explore the key reasons why migrating away from these outdated Lambda runtimes is crucial and how you can smoothly transition to newer, supported versions to ensure your serverless applications remain reliable, secure, and performant.

What Does AWS Lambda’s End of Support for Older Runtimes Mean?

AWS Lambda allows code to run without the need for provisioning or managing servers, supporting multiple programming languages, including Python, Node.js, Java, and more. Each of these languages has an associated runtime, which includes the programming language and the associated libraries and dependencies Lambda requires to execute the code. However, like any technology, languages evolve, and older versions eventually reach their end of life.

AWS has announced that it will stop supporting several older versions of Python and Node.js in Lambda. This means that Lambda functions running on these runtimes will no longer receive security patches, performance updates, or bug fixes, potentially leaving serverless workloads vulnerable or less efficient.

Key Risks of Using Outdated Runtime

1. Security Vulnerabilities

In the biotech and pharmaceutical industries, data security and patient confidentiality are of utmost importance. Once a runtime is deprecated, it no longer receives critical security updates. Research organizations processing sensitive data—whether related to clinical trials, genetic research, or drug discovery—may expose themselves to data breaches and compliance issues by continuing to rely on deprecated runtimes. Security vulnerabilities can lead to unauthorized access, data loss, or damage to research integrity.

2. Decreased Performance and Efficiency

In research environments where large datasets are analyzed and processed frequently, performance is critical. Older runtimes are not optimized for the latest AWS infrastructure, which can result in inefficient execution of Lambda functions. Biotech and pharma organizations that rely on Lambda for time-sensitive applications—such as real-time analytics, data pipelines, or simulations—may experience delays and increased compute costs if their functions are running on outdated runtimes. Migrating to a newer runtime ensures that Lambda functions run with the latest performance improvements, enabling faster processing and more efficient use of cloud resources.

3. Compatibility Issues with New Technologies

The pharmaceutical and biotech sectors often leverage cutting-edge technologies like machine learning, artificial intelligence, and high-performance computing. As new AWS features are released, older runtimes are not updated and, therefore, may not be compatible. This could limit the ability to integrate Lambda functions with emerging technologies and best practices. Updating runtimes ensures seamless integration with new AWS services, providing better support for complex research workflows and data pipelines.

4. Increased Operational Complexity

Biotech and pharmaceutical research organizations must comply with strict regulatory standards, such as 21 CFR Part 11, HIPAA, and GDPR. Operating Lambda functions on unsupported runtimes can create additional complexity, as troubleshooting and patching vulnerabilities will no longer be managed by AWS. Additionally, after a time specified by AWS, organizations will not be able to update or maintain the code in Lambda functions with very out-of-date runtimes. This greatly increases the likelihood of errors, downtime, and regulatory compliance risks. Migrating to a supported runtime simplifies operations and ensures that Lambda functions remain secure and compliant.

Benefits of Migrating to Supported Runtimes

1. Access to New Language Features and Enhanced Security

Migrating to newer Python and Node.js versions unlocks access to new language features and improvements that can be critical for modern research workflows. Newer releases of Python, for example, have offered improved support for asynchronous programming, which is essential for efficiently processing large amounts of data. Node.js has introduced new features like optional chaining and nullish coalescing in their updates, which enhance the ability to handle complex logic in research applications. Moreover, these newer versions receive regular security patches, which ensures that sensitive research data remains secure.

2. Improved Integration with AWS Services

AWS Lambda functions often serve as a core component of larger research systems that integrate with other AWS services like Amazon S3, DynamoDB, AWS Batch, Sagemaker, HealthOmics, and HealthLake. Newer runtimes are better optimized for these integrations, making it easier to build efficient, scalable research workflows. For example, AWS Step Functions, which is used to coordinate Lambda functions and other AWS services, works more effectively with the latest runtimes, enabling the creation of robust, automated research pipelines.

3. Better Compliance and Regulatory Alignment

In highly regulated industries like pharmaceuticals, maintaining compliance with industry regulations is crucial. Using outdated runtimes can create security and data integrity gaps that may violate compliance requirements. Newer runtimes are supported by AWS’s security framework, ensuring that Lambda functions remain in line with industry regulations and standards, reducing the risk of non-compliance during audits or inspections.

4. Enhanced Performance and Cost Efficiency

In the research space, optimizing the performance of Lambda functions can lead to research acceleration. Newer runtimes are more efficient in terms of execution speed and resource utilization. For example, functions running on these updated runtimes are able to process data faster, which reduces compute costs and time. In biotech and pharmaceutical research, where large volumes of data are processed regularly, these savings can quickly add up.

How to Migrate to Newer Runtimes

1. Evaluate Current Lambda Functions

The first step in migrating is identifying which Lambda functions are still running on outdated runtimes. This can be done by reviewing the AWS Lambda console and checking the runtime settings for each function.

2. Update Code for Compatibility

After identifying the functions to update, assess the codebase for compatibility with the newer runtime versions. This might involve:

Updating dependencies to newer versions that are compatible with the most current Python or Node.js version
Refactoring code to take advantage of new language features
Testing the updated functions to ensure they perform as expected in the new runtime environment

3. Test, Deploy, and Monitor

Testing is crucial to ensure that Lambda functions work correctly after migration. Biotech and pharmaceutical companies can use AWS CloudWatch for logging and monitoring to track the performance of the updated functions. Once testing is complete, the updated functions can be deployed into production.

4. Optimize and Scale

After migrating, organizations should monitor the performance of Lambda functions and look for opportunities to optimize. AWS CloudWatch metrics and AWS X-Ray can help track function execution times, resource usage, and error rates, ensuring the system runs smoothly as research needs scale.

Benefits of Well-Architected Framework Review

A Well-Architected Framework Review (WAFR) is a valuable process for identifying issues that may exist in an AWS Lambda environment. By conducting a review, organizations can assess their cloud infrastructure against AWS’s best practices across five key pillars: operational excellence, security, reliability, performance efficiency, and cost optimization. As part of this review, an evaluation of the Lambda functions is performed, ensuring Lambda functions are operating within a VPC, using encrypted environmental variables, and following the principle of least privilege. This proactive assessment helps pinpoint areas that may be a security risk or cost liability. A Well-Architected Review also offers recommendations on how to neutralize these issues, ensuring the organization’s environment is aligned with the latest AWS standards and best practices. For more information about conducting a Well-Architected Framework Review with PTP, including options to fully fund the project, fill out the form at the bottom of this page or contact info@ptp.cloud.

Conclusion

The end of support for older Python and Node.js runtimes in AWS Lambda presents a significant challenge for biotech and pharmaceutical research organizations relying on Lambda to power their critical applications. However, migrating to newer runtimes is essential for maintaining security, performance, and regulatory compliance. By updating to supported runtimes, research organizations can improve the efficiency and scalability of their workflows, ensure better data protection, and reduce operational complexities.

Taking proactive steps to migrate to the latest supported versions will ensure that Lambda functions remain secure, cost-effective, and capable of supporting the next generation of scientific breakthroughs.

Request your complimentary WAR today!

The post The Impact of AWS Lambda’s End of Support for Older Python and Node.js Runtimes: Why Migrating is Critical for Your Cloud Strategy appeared first on PTP | Cloud Experts | Biotech Enablers.

Steps to Mitigate the Risk of the TunnelVision Attack on VPNs

Mai Hiraoka — Fri, 10 May 2024 17:34:07 +0000

By Rich Hauke, CISSP

In the evolving landscape of digital security, VPNs (Virtual Private Networks) have long stood as a bastion for securing private data transmission over public networks. However, a new vulnerability known as the TunnelVision attack threatens to undermine this security by exploiting weaknesses in VPN tunneling protocols. As highlighted by Rich Hauke, CISSP, understanding and mitigating this risk is crucial for maintaining the integrity and confidentiality of data transmitted via VPNs.

Understanding the TunnelVision Attack

The TunnelVision attack exploits the split-tunneling feature of VPNs, which is designed to allow users to access public network resources while simultaneously connecting to a private network. This feature, while useful for bandwidth management and reducing latency, also creates potential vulnerabilities that attackers can exploit to bypass encryption and compromise user anonymity. As outlined in a detailed article on Ghacks (read the full article here), the implications of such attacks are profound, with potential risks ranging from data leakage to unauthorized access to sensitive network spaces.

Key Steps to Mitigate Risks

Rich provides several actionable strategies to help mitigate the risk associated with the TunnelVision attack. Here are the refined steps based on his advice:

Secure Network Connections:
- When using a VPN to access sensitive data or spaces, ensure the connection is made over a secure network. One of the simplest methods is using a mobile device’s hotspot feature, which generally offers a more controlled environment compared to public Wi-Fi networks.
Awareness of VPN Limitations:
- It’s crucial to recognize that no security system is impervious. VPNs are no exception, especially when the purpose is merely to obscure your online activities from prying eyes. Understanding that vulnerabilities like metadata analysis exist is essential for users who rely heavily on VPNs for anonymity.
Robust Testing and Evaluation:
- Organizations must conduct thorough testing on the head-end, or server-side of the VPN setup, to assess the vulnerability to TunnelVision-like attacks. This involves evaluating the entire data stream process, from transmission to reception, to understand potential weaknesses and the effectiveness of various attack methodologies.
Strengthen End-to-End Data Path Security:
- Ensuring that sensitive applications are only accessible over VPNs can mitigate some risks, but if the VPN tunnel itself is compromised, this security measure falls short. Comprehensive security strategies must cover end-to-end flow paths to prevent data insertion or leakage.

Conclusion

As digital threats evolve, so too must our strategies to combat them. The TunnelVision attack serves as a reminder of the inherent vulnerabilities within technologies we often take for granted. By adopting a layered security approach, regularly updating security protocols, and educating users about the potential risks, organizations can better defend against these sophisticated attacks.

Rich’s insights into the TunnelVision attack not only highlight the complexities of network security in the age of ubiquitous internet connectivity but also provide a clear path forward for those looking to safeguard their digital environments. Implementing these steps can significantly enhance the security posture of any organization relying on VPNs for secure data transmission.

The post Steps to Mitigate the Risk of the TunnelVision Attack on VPNs appeared first on PTP | Cloud Experts | Biotech Enablers.

PTP Streamlines AWS Well Architected Framework Reviews with MontyCloud

Gary Derheim — Thu, 01 Feb 2024 16:19:59 +0000

PTP is pleased to announce a strategic partnership with MontyCloud as a foundation for its Amazon Web Services (AWS) Well Architected Framework Review and Cloud Operations practices through the MontyCloud Platform. By combining PTP’s AWS Well Architected proficiency with MontyCloud’s automation capabilities, the collaboration aims to accelerate time-to-value for PTP’s customers. MontyCloud, an AWS Cloud Operations, AWS Built-In, and Well-Architected partner, offers an autonomous CloudOps platform that simplifies and accelerates the adoption of AWS.

While analyzing customer environments across the Well Architected pillars has been effective, PTP seeks to improve data presentation to customers in addition to delivering the seamless creation of project items for remediation. Through the partnership with MontyCloud, PTP is augmenting its Well-Architected practice through:

Enhanced Visibility: MontyCloud provides comprehensive reports on an environment’s compliance with Well-Architected standards, empowering organizations to make data-driven decisions for continuous improvement.
Prioritization and Remediation: Prioritize WAFR findings based on their impact and remediate immediately using out-of-the-box automation
Automated Routine Tasks: MontyCloud automates various WAFR best practices, allowing teams to focus on more strategic, high-value initiatives.

PTP Well Architected Reviews Are Available on the AWS Marketplace!

“By leveraging MontyCloud’s platform we have a method of automating the provisioning of customer environments along with ensuring deployment reliability. We can deliver services to our clients that allow IT to provide biotechnology scientists and researchers a way to deploy AWS resources so they can complete their critical work, but in a controlled and managed environment.”

Ethan Simmons

CEO, PTP

“MontyCloud is thrilled to be partnering with PTP. Their expertise and innovation in biotechnology solutions on AWS paired with MontyCloud’s automation means that customers can bring life-saving treatments to market even faster.”

Alana Fitts

Director of Alliances, MontyCloud

About PTP

Headquartered in Boston, PTP (Pinnacle Technology Partners, Inc.) delivers specialized cloud consulting, cybersecurity services, FinOps optimization, and managed IT solutions designed to meet the complex needs of life sciences, biotech, and healthcare organizations. As an AWS Advanced Tier Services Partner with Life Sciences Competency, PTP provides end-to-end solutions including AWS cloud migration, Well-Architected Reviews, managed security services, and cloud cost optimization strategies. Through its PeakPlus™ managed services platform and deep domain expertise, PTP empowers innovators to accelerate discovery, maintain regulatory compliance, and drive operational efficiency — all while protecting critical data assets.

For more information, visit https://ptp.cloud.

Media Contact:

Gary Derheim
VP, Marketing & Business Development
marketing@ptp.cloud

About MontyCloud

MontyCloud Inc. was founded with the fundamental principle of transforming teams into cloud powerhouses. The MontyCloud DAY2 platform is a no-code cloud management solution that simplifies CloudOps, without having to add additional IT resources. With MontyCloud DAY2, IT teams can enable self-service consumption, standardize deployments, optimize cloud costs, deliver granular governance, reduce security & compliance issues, and automate incident management.

The post PTP Streamlines AWS Well Architected Framework Reviews with MontyCloud appeared first on PTP | Cloud Experts | Biotech Enablers.

Why AWS Control Tower for Early Stage Life Sciences

Mai Hiraoka — Wed, 11 Oct 2023 22:53:13 +0000

Visualizing complex biological data is foundational to modern research. Before we dive into common challenges, here’s a quick overview from Scott Scheirey on how life sciences teams can streamline their workflows using AWS.

Watch the full video on YouTube

Building the Life Science AWS Environment of Tomorrow with AWS Control Tower

Today, we’re diving into how AWS Control Tower can help build the life science AWS environment you need for tomorrow, starting today. I’m Scott Scheirey, Scientific Partner Advisor with PTP. Life science startups aim to move quickly but often encounter challenges along the way. Typically, these startups consist of a small team of computational biologists, bioinformaticians, and data scientists. They have just secured funding to transform their innovative ideas—whether a groundbreaking new therapy or a novel research method—into impactful solutions for patients.

Architecting an environment independently can be daunting for many, especially those lacking AWS expertise. Consequently, startups often defer addressing infrastructure concerns until they become pressing issues. The initial step is usually to use new funding with minimal configuration, covering security, compliance, and data storage plans. However, this approach can lead to scattered data and significant technical debt.

Many startups overlook that establishing an AWS environment is not prohibitively expensive and can mitigate numerous future problems. AWS Control Tower offers a comprehensive organizational management toolset that provides baseline security across all accounts and facilitates the deployment of well-architected environments. For example, adding a new application or business unit becomes streamlined and secure, adhering to predefined criteria in AWS Control Tower.

For early-stage life science organizations, AWS Control Tower is crucial as it alleviates the burden on data teams regarding deployments. By following company security and compliance protocols, issues related to access or permissions for AWS EKS or EC2 instances are avoided. This predefined setup jump-starts the environment, reducing the reliance on IT teams for success. New hires can be quickly integrated by assigning permissions, making scaling up as simple as flipping a switch.

Implementing AWS Control Tower from the beginning ensures a well-architected framework, covering storage, computational resources, policies, and roles. This foundational setup means you won’t struggle with pulling data from various sources as your startup grows. Whether you need to comply with NIST, HIPAA, GDPR, or 21 CFR Part 11, AWS Control Tower provides the flexibility to adjust your environment accordingly.

If you’re interested in learning more about IT services for life sciences, explore PTP on the AWS Marketplace and discover our Cloud Ops for life science startups.

The post Why AWS Control Tower for Early Stage Life Sciences appeared first on PTP | Cloud Experts | Biotech Enablers.

5 Proven Ransomware Protection Strategies for Life Sciences and Biotech

Gary Derheim — Wed, 08 Feb 2023 16:48:57 +0000

The threat of ransomware persists. According to the Intel 471 Year in Review, the United States remains the most targeted country globally, accounting for 39% of all ransomware attacks. The UK follows distantly at 9%. With new variants like LockBit 2.0 and LockBit 3.0 gaining momentum, it’s clear the danger is not only ongoing—but evolving.

For biotech and life sciences organizations, ransomware attacks pose a major risk to patient data, research continuity, and regulatory compliance. Instead of panicking or overspending on unnecessary, high-cost cybersecurity tools, the expert security team at PTP recommends five proven strategies to drastically reduce your organization’s ransomware risk.

Watch the full video on YouTube

1. Patch Everything

Establish a disciplined vulnerability management process and act on its findings. Unpatched devices—whether a smart light controller, an outdated Windows 2008 server, or an unattended FedEx print station—present low-hanging fruit for attackers. If it's connected to the network, it's a potential entry point.

For biotech IT services and secure lab environments, patching is essential to prevent avoidable breaches in regulated research IT infrastructure.

2. Ensure Offsite Backups

Follow the 3-2-1 backup rule: three total copies of your data, two stored locally on different mediums, and one offsite. As a Veeam VCSP partner, PTP offers reliable backup services to maintain business continuity—even in the face of ransomware.

This is critical for compliant IT services for research labs and maintaining HIPAA and GxP data integrity.

3. Perform a Business Impact Analysis

Work directly with your business owners and executives to understand what data and functions are mission-critical. Identify what you can afford to lose and what must be protected at all costs. This aligns with the "Identify" function of a NIST 800-53 Self-Assessment.

Life sciences IT support must include impact analysis to prioritize data protection and ensure MSP compliance for clinical research.

4. Verify an Incident Response Plan

An incident response plan must exist, be accessible offline, and cover a total loss scenario—including being locked out of Azure AD, Okta, or O365. Don’t assume cloud means immunity—it doesn’t.

Biotech and research labs benefit from managed IT for labs that supports incident response, HIPAA audits, and disaster recovery scenarios.

5. Layered Security: EDR and DNS Filtering

Deploy endpoint detection and response (EDR) technology and a second layer like DNS filtering or egress traffic control. DNS filtering blocks users from reaching known malicious domains, while EDR detects and neutralizes threats at the endpoint level—your last line of defense.

These are core components of secure IT services for biotech and scientific computing IT support that defend intellectual property and research continuity.

Cybersecurity is about discipline, not just tools. Taking these five steps helps you maintain operational resilience and keeps your organization protected against ransomware threats.

—

Authored by:
Rich Hauke, CISSP & Gary Derheim

Highlights from the Panel Discussion

[0:58] Hope is not a strategy – The panel emphasized that organizations need an actionable ransomware response plan tailored to their specific risk, not vague assurances.
[7:00] Ransomware variants evolving – Kirby Kaylor outlined how newer variants like Ryuk are patient, silently encrypting backups and triggering attacks only when recovery options are gone.
[13:01] Ransomware-as-a-Service (RaaS) – Anyone, even without coding skills, can now purchase ransomware templates online and customize attacks for as little as $6.
[14:25] Shocking statistics – In the past two years, average ransomware downtime was 16.2 days, and the average ransom paid was $84,000.
[21:07] Step 1: Use a framework – Rick Pitcairn recommended using a cybersecurity framework like NIST to structure your response and ongoing risk management.
[25:11] Step 2: Inventory your data – Chris Jordan urged organizations to first understand where all data resides across cloud, endpoints, and on-prem systems.
[27:00] Behavior-based detection is critical – Prevention alone is not enough. Listening to audit trails and identifying behavioral anomalies is now essential for threat detection.
[32:23] Step 3: Robust backups – Kirby shared the 6 key ingredients for effective backup strategy: Automatic, Off-site, Immutable, Granular, Point-in-Time, and Flexible.
[40:11] The plan must evolve – Adam Johnson reminded attendees that cybersecurity plans are living documents. As the environment changes, so should your response strategy.
[43:38] Unified monitoring at scale – Chris emphasized the need for behavioral models, not just search-based analysis, to manage massive, distributed data from cloud and on-prem environments.
[50:58] Final steps: End-user training & vulnerability scanning – Rick wrapped up with the importance of regular phishing simulations, security awareness training, and penetration testing.

Strengthen your defenses against emerging threats
Request a 50% off security assessment to evaluate your risk posture and harden your environment or enhance your cybersecurity with our comprehensive SecOps services. Visit our SecOps page for more information.

👉 Claim your 50% off security assessmentor explore👉 PTP's AWS Marketplace Offers

The post 5 Proven Ransomware Protection Strategies for Life Sciences and Biotech appeared first on PTP | Cloud Experts | Biotech Enablers.

5 Key Lessons Learned in over 20 Years Leading IT Managed Services

Gary Derheim — Thu, 17 Nov 2022 18:40:32 +0000

I often tell my (now adult) children that many of life’s most impactful lessons are learned the hard way. Well, in 20+ years of leading managed services I’ve learned plenty the hard way, and I’d like to think—despite the scars—that I and the services I influence at PTP are better off for it. Since today is my birthday (please, hold your applause until the end), it felt like a good time to reflect and share some of those lessons in hopes that they provide value to others.

Lesson 1: Services, Not Engineering
It’s called Managed Services for a reason—not Managed Engineering, Managed Technician, or Managed Analyst. Hire people who have the skills to perform the job well, but also look for those with empathy, business awareness, and a deep commitment to customer satisfaction. Well-written scopes of work matter, but going above and beyond is what renews contracts. This is especially true for teams delivering managed IT services for life sciences companies where stakes are often high.

Lesson 2: No “MSP” Can Do It All
If they say they can, run. Fast. I once heard a client say that MSPs grow until they stop performing well. Often, their early success comes from a few brilliant people who can handle everything—until they can’t. The model breaks under scale. A strong IT managed service provider for life sciences, or any industry, knows how to say no for the right reasons and focuses on operational efficiency through a well-defined tech stack.

Lesson 3: Offshore is Cheaper, Not Better
Offshore teams can be part of a smart strategy—but only in limited roles. I’ve seen it work best during night/weekend support or for repetitive tasks that follow clear runbooks. Especially for biotech IT support or scientific research MSP services, clients deserve teams that know their environment, systems, and compliance requirements. The real value comes when escalation paths lead back to experienced, knowledgeable engineers who understand the client’s unique needs.

Lesson 4: Transparency and Openness
Never hide metrics or lock clients out of their tools. If a managed services team fears client visibility, that’s a red flag. Trust is the foundation of every relationship—whether personal or professional. Say what you do, do what you say, and show what you do. That level of openness is what separates average MSPs from those who earn long-term loyalty in sectors like life sciences compliance and security management.

Lesson 5: Drive for Show, Putt for Dough
Yes, it’s a golf metaphor. “Driving” in this case refers to 24×7 monitoring, alerting, and incident management. It’s necessary, it’s complex, and it’s table stakes. But it’s not what renews contracts. That comes from the “putting”—the forward-looking reviews and strategic guidance. These sessions help clients improve systems, optimize operations, and plan for the future. For MSPs serving clinical research or regulated labs, these reviews are where the real business value is proven.

Nobody has all the answers—I certainly don’t. But most of the lessons I’ve shared here weren’t taught to me; I had to live them. And every misstep has shaped how we execute today. We’re not perfect, but our clients know they’re supported by a team that works hard, performs at a high level, and puts them first.

By Gary Derheim
VP of Marketing & Business Development

Strengthen your defenses against emerging threats

Request a 50% off security assessment to evaluate your risk posture and harden your environment or enhance your cybersecurity with our comprehensive SecOps services. Visit our SecOps page for more information.

👉 Claim your 50% off security assessmentor explore👉 PTP's AWS Marketplace Offers

The post 5 Key Lessons Learned in over 20 Years Leading IT Managed Services appeared first on PTP | Cloud Experts | Biotech Enablers.

How PTP Helped SPHCC Improve Security and Boost Patient Encounters by 91%

Mai Hiraoka — Tue, 01 Nov 2022 06:07:16 +0000

How PTP Helped SPHCC Improve Security and Boost Patient Encounters by 91%*

Scranton Primary Health Care Center (SPHCC), a Federally Qualified Health Care Center (FQHC) located in Northeastern Pennsylvania, has been providing essential healthcare services since 1978. Initially founded to address the medical needs of underserved populations, SPHCC has grown over the past 44 years to offer a wide range of services, including internal medicine, pediatrics, gynecology, prenatal care, dental services, and outreach programs for the homeless community. With over 916,000 patient visits since its inception, SPHCC remains dedicated to delivering exceptional care while operating with limited resources.

*SPHCC experienced a 91% growth in patient visits over five years, supported by a secure and scalable cloud environment.

The Challenge

As an FQHC, SPHCC must maximize operational efficiency to direct funds toward patient care. Handling sensitive patient data and electronic health records (EHR), SPHCC needed to adhere to high data security standards typically reserved for larger organizations with more extensive resources.

Critical challenges included:

• Ensuring high availability for applications critical to patient care.

• Maintaining compliance with stringent healthcare data security regulations.

• Implementing robust security controls and monitoring without a large IT staff.

SPHCC sought a cost-effective solution to securely host and manage its applications while minimizing the operational burden on its small IT team.

The Solution

SPHCC partnered with PTP to modernize its IT infrastructure and enhance data security. PTP deployed SPHCC’s critical applications on Amazon Web Services (AWS) to eliminate the capital expenses associated with managing an on-premises datacenter. The solution included:

AWS Security Best Practices Monitoring and Compliance
Leveraged CloudCheckr to provide consistent reporting on AWS services and configurations, ensuring alignment with industry best practices.

Delivered on-demand compliance reporting mapped to multiple regulatory frameworks, offering visibility into potential non-compliance issues.

AWS Infrastructure Vulnerability Scanning
Deployed Amazon Inspector to perform continuous vulnerability scanning for SPHCC’s AWS resources.

Ensured operating systems and applications adhered to the AWS Shared Responsibility Model, eliminating high-risk vulnerabilities.

Robust AWS Architecture
Implemented a highly available and secure infrastructure using AWS services, including CloudFormation, CloudWatch, CloudTrail, Identity & Access Management (IAM), Virtual Private Cloud (VPC), Simple Storage Service (S3), Elastic Compute Cloud (EC2), VPN Gateway, AWS Key Management Service (KMS), and AWS Certificate Manager.

Designed an architecture based on AWS’s Well Architected Framework to address the core pillars of Security, Reliability, Performance Efficiency, and Operational Excellence.

The Outcome

PTP delivered a secure, reliable, and highly available cloud-based solution for SPHCC’s critical applications.

Seamless Migration
PTP ensured a smooth transition from on-premises servers to the cloud, conducting thorough testing and orientation to avoid disruptions to patient care.

Enhanced Operational Efficiency
Eliminated the need for SPHCC to manage local servers, storage infrastructure, and software updates.

Improved Patient Care
SPHCC experienced a 91% increase in patient encounters over the last five years, supported by a scalable and secure cloud environment.

By leveraging PTP’s expertise and AWS’s secure cloud infrastructure, SPHCC successfully modernized its IT operations, enhanced data security, and improved its ability to provide high-quality care to the community. PTP’s cloud security solutions allowed SPHCC to focus on its mission of delivering exceptional patient care while meeting stringent healthcare regulations.

“The transition from actual hosted servers to cloud based was seamless and problem free. PTP scheduled the migration at a time that was convenient for us and did thorough testing before asking us to confirm functionality. PTP made certain resources were available to resolve any issues that arose as a result of the migration. PTP scheduled testing and orientation with us when it was convenient, making certain patient care was not affected.

Scranton Primary has experienced a 91% increase in patient encounters over the last five years, and PTP has made sure we have all the tools we need not only to provide patient care but also to grow and prosper.”

Joseph Hollander

CEO, Scranton Primary Health Care Center

Ready to enhance your cloud security?

PTP’s cloud security solutions can help your organization achieve operational excellence while ensuring compliance and data protection. Contact us today to learn more about our tailored solutions for healthcare providers.

Schedule a call

Let us help you unlock your potential.

Contact PTP today to learn how we can help accelerate your research and innovation.

The post How PTP Helped SPHCC Improve Security and Boost Patient Encounters by 91% appeared first on PTP | Cloud Experts | Biotech Enablers.

How PTP Improved Cloud Security with 24×7 Monitoring and AWS Solutions

Mai Hiraoka — Tue, 01 Nov 2022 05:02:42 +0000

How PTP Enhanced Cloud Security for A Biotech Firm with AWS Solutions

This organization (renamed ABC Bio for this case study) is a clinical-stage biopharmaceutical company translating genetic intelligence into the development of therapies for patients affected by certain disorders.

The Challenge

The majority of organizations in the biotechnology vertical, like ABC Bio, face several challenges for data protection:

Diverse Lab Environments
Data scientists utilized numerous lab applications running on various operating system (OS) types and versions.

Isolated Data Stores
Lab data was stored across disparate platforms, including AWS S3, Box, Dropbox, and MS365.

Remote Workforce
Many employees worked remotely, making data security more complex.

Limited IT Resources
ABC Bio’s workforce included scientists and bioinformaticians, with few personnel dedicated to IT or IT security.

Regulatory Compliance
Operating in a regulated market, ABC Bio had to adhere to numerous data security controls and compliance frameworks.

As a fast-growing firm dealing with highly sensitive data, ABC Bio needed to protect its data—whether in the lab, in their AWS cloud, or on user workstations—and maintain visibility into potential threats at all times. They sought to improve their data security posture by implementing standardized security frameworks, corporate security policies, data security technologies, and a formalized incident response plan.

The Solution

Recognizing that best-practice data security requires a layered approach, ABC Bio partnered with PTP to deliver security protection and detection services. PTP’s PeakPlus SECURE suite of services included:

CloudCheckr for Compliance Visibility
Deployed CloudCheckr to provide consistent reporting on AWS services and configurations versus industry best practices.

Enabled on-demand compliance reporting mapped to more than 20 key compliance frameworks.

24x7x365 Monitoring with Fluency
Implemented Fluency, a next-generation SIEM, to correlate events from AWS CloudTrail, endpoint security tools, on-premises network tools, and Active Directory logs.

Leveraged Fluency’s machine learning and automated rules for anomaly detection, creating security incident tickets for triage and escalation.

Comprehensive AWS Services

Leveraged AWS services including CloudFormation, CloudWatch, CloudTrail, AWS Config, Identity & Access Management (IAM), Virtual Private Cloud (VPC), Simple Storage Service (S3), Elastic Compute Cloud (EC2), VPN Gateway, AWS Key Management Service (KMS), Amazon Inspector and AWS Certificate Manager.

Incident Response Plan Integration
Built runbooks for notification and escalation of validated security incidents, aligning the solution with ABC Bio’s incident response plan.

Advanced Security Framework for ABC Bio: Integrating Diverse Data Streams for Enhanced Monitoring and Response.

The Outcome

Partnering with PTP, an AWS Advanced Consulting Partner with the Life Sciences Competency and cybersecurity expertise, enabled ABC Bio to enhance its security posture while adhering to regulatory requirements. PTP’s solutions ensured data protection across lab environments, cloud infrastructure, and user devices, empowering ABC Bio to focus on delivering life-saving treatments.

Faster Compliance Reporting
ABC Bio’s compliance team drastically reduced time spent on readiness preparation and reporting for internal and external audits, leveraging on-demand reporting from CloudCheckr.

Cost-Effective Security Monitoring
By adopting PTP’s 24x7x365 Monitor and Triage Security Events service, ABC Bio implemented a robust security monitoring solution at a fraction of the cost of building it internally.

Focus on Innovation
With PTP’s PeakPlus™ service managing AWS and user device security, ABC Bio’s team could focus on advancing genetic therapies without compromising data security.

Ready to Secure Your Cloud Environment?

PTP’s PeakPlus™ SECURE services can help your organization protect sensitive data while streamlining compliance. Contact us today to learn more about our tailored security solutions.

View PTP's PeakPlus Secure

Let us help you unlock your potential.

Contact PTP today to learn how we can help accelerate your research and innovation.

The post How PTP Improved Cloud Security with 24×7 Monitoring and AWS Solutions appeared first on PTP | Cloud Experts | Biotech Enablers.