July 15, 2024
This document serves as the first point of reference for prospective and current users of the Azure Enclave Platform. As a living publication, it is updated as new or additional information become available.
Contents
What is the Azure Enclave Platform?
What are the benefits of using the Azure Enclave Platform?
How secure is the Azure Enclave Platform?
Is there a cost associated with the use the Azure Enclave Platform?
Using the Azure Enclave Platform:
How do I access the Azure Enclave Platform to do my research/data analysis?
How would I typically use the Azure Enclave Platform?
Can I import outside files or data into the Azure Enclave Platform?
Can I export files or data from Azure Enclave Platform?
What data analytics tools are available for use in the Azure Enclave Platform?
What operating system do I need to use to access my Azure Enclave Project Workspace?
Storing Files or Data in the Azure Enclave Platform:
How do I access the C: drive or F: Drive?
What kind of data is hosted in the Azure Enclave Platform?
Collaborating within the Enclave Platform:
Consultation and Troubleshooting Services:
I need technical assistance with the Azure Enclave Platform. What should I do?
About the Azure Enclave
What is the Azure Enclave Platform?
The Azure Enclave platform provides researchers a dedicated environment and tools configured to meet their needs. Leveraging cloud technologies, environments can be right-sized and tuned for optimal value and performance. Each Enclave can have a custom dataset and technology tools to help researchers work effectively with project team members.
What are the benefits of using the Enclave Platform?
Portable: The Azure Enclave Project Workspace VM is accessible anytime, anywhere, on Windows and MAC OS.
Secure: The controlled and protected environment offers authorized users a dedicated, centralized, safe, and secure space for collaboration on highly confidential or sensitive data. In this way, the strict compliance oversight is maintained while minimizing the likelihood of unauthorized access to data.
Computational reproducibility: The computational environment can be replicated and research results can be shared or reproduced seamlessly.
Scalable: Each project has adjustable storage space to accommodate different use cases.
Dedicated resources: The Azure Enclave Project Workspace VM and resources therein are dedicated to each.
Customizable: Offers on-demand software delivery based on your analytics needs.
Sensitive data repository: Currently, the Azure Enclave pulls data from PDSR (Patient Data Science Repository), a repository mirroring RPDR (Research Patient Data Repository) data but converted to i2b2 format. i2b2 is the industry-standard format for storing patient medical information. Additional i2b2 information is found on the i2b2 website and i2b2 community website (database model)
How secure is the Enclave Platform?
You can only access the Enclave Platform from within the MGB domain. Access to the Azure Enclave Platform is controlled by Active Directory groups.
You can work with sensitive data and run applications within the Azure Enclave Platform without worrying about potential integrity, confidentiality, or security breaches. A description of the information security standards is available here.
Is there a cost associated with the use the Azure Enclave Platform?
Yes, use of the Azure Enclave Platform is a pay-as-you-go service. Funding must be available to utilize.
Using the Azure Enclave Platform
How do I access the Azure Enclave Platform to do my research/data analysis?
There is an onboarding process to setup your Project Workspace in the Azure Enclave. Below are the steps involved:
- Contact @email to inquire about accessing the Azure Enclave.
- Work with Digital Research Cloud Data Solutions team to determine your research project workspace requirements:
- Identify your project workspace needs – space, compute, tools
- Determine upfront costs and Project Workspace budget
- Implement your Project Workspace in Azure Enclave
- Apply for access to your Project Workspace using the ServiceNow Access Request Form.
How would I typically use the Azure Enclave Platform?
- You can use the Azure Enclave Platform for analysis of your research project data.
- You can collaborate on a research project within the Azure Enclave environment. For each project, authorized team members can use the virtual shared workspace (F: Drive) to analyze data and create reports within the Enclave Platform.
Can I import outside files or data into the Azure Enclave Platform?
Yes. Review the article on HOWTO: Azure Enclave Project Workspace Import & Export Files
Can I export files or data from Azure Enclave Platform?
Yes. Review the article on HOWTO: Azure Enclave Project Workspace Import & Export Files
What data analytics tools are available for use in the Enclave Platform?
A Project Workspace in the Azure Enclave Platform is an Azure data science VM (Windows Server 2019 DSVM. There is a baseline offering of common data analytics software programs and applications such as SSMS, Python, VSCode, Azure Data Studio, RStudio, Jupyter, Weka, and Node.js.
You can customize your environment with additional tools during the onboarding process. Please send an email to MGBAzureEnclave@mgb.org for assistance.
What operating system do I need to use to access my Azure Enclave Project Workspace?
Your Project Workspace within Azure Enclave Platform is remotely accessed from your computer using Remote Desktop Communication (RDC) running on either Windows or MAC OS.
Storing Files or Data in the Enclave Platform
In the Azure Enclave Platform, each Project Workspace has a local computer drive, the C: Drive and a temporary drive, the D: Drive. Both are best utilized for temporary storage of files or data that you are working on and should not be used for long term storage.
Whenever other members of the project need access to shared files or data, the use of the F: (Project) drive is recommended. The intended use is for storing shared project-related files.
The 'F:' Drive belongs to the team and not an individual member of the team (i.e., the 'F:' Drive is a collaboration space where project members can readily store, share, and analyze data). The size is 256 GB of space by default. This can be customized to suit your needs.
How do I access the C: drive, D: drive, or F: Drive?
The 'C:' drive, 'D:' drive and 'F:' drive are automatically mapped and should be visible on your Azure Enclave Project Workspace and when saving or accessing files from within an application. Remember: You should be connected to the MGB VPN to access your workspace in the Azure Enclave Platform.
Collaborating within the Azure Enclave Platform
How many people can access an Azure Enclave Project Workspace concurrently? How much workspace does a Project Workspace have?
Currently an Azure Enclave Project Workspace accommodates 2 users at the same time. In the near future, a Project Workspace will accommodate all MGB staff members accessing concurrently. More than 2 POIs accessing concurrently requires additional cost due to Azure licensing.
Each project’s shared workspace F: Drive has 256 GB of storage by default.
Consultation and Troubleshooting Services
At your first login, make sure to complete all steps outlined in HOWTO: Access the Azure Enclave using Remote Desktop Connection (RDC) on Windows OS or HOWTO: Access the Azure Enclave using Remote Desktop Connection (RDC) on MAC OS depending on your computers OS.
- Ensure that you have established a MGB VPN connection. Details on how to get started with VPN can be found in KB0023967
I need technical assistance with the Azure Enclave Platform. What should I do?
The Azure Enclave Team can assist with access, configuration, and environment issues. We do not provide technical support with specific tools. Researchers utilizing tools are expected to have experience and expertise in using said tools.
For MGB users assistance with troubleshooting or technical support with your Azure Enclave Project Workspace environment, please open a Research Issue/Inquiry Request request. Please always include your unique Project Workspace IP Address on all communications.
I have a feature request or suggestion. How do I submit it?
The Azure Enclave Team welcomes your suggestions and feedback. Please send an email to MGBAzureEnclave@mgb.org.
If you would like to learn more about the Enclave Platform, please contact the Azure Enclave Team at MGBAzureEnclave@mgb.org.