Renewable Energy Lab Begins Moving More Sensitive Data to the Cloud

While much of government struggles to get its hands around how to use cloud computing, National Renewable Energy Laboratory -- NREL for short -- has been living in it for the past six years.

NREL plays an integral role in advancing renewable energy and energy efficiency research and development for the Energy Department. Its research is why wind energy is the fastest-growing source of new energy and why electricity costs from sunlight-collecting photovoltaic panels has dropped almost tenfold in recent years.

While some of NREL’s research involves trade secrets and is under moratorium, the lab shares the vast majority of its data and research with the Energy Department, national laboratories and other stakeholders.

Beyond the groundbreaking research itself, what’s cool about NREL’s efforts is that they are driven predominantly by cloud computing. Back in 2009 – a year before the National Security Agency set its sights on cloud computing to deal with its data deluge – NREL set out in earnest to open up and share its data through an application that became known as OpenEI (short for Open Energy information).

According to Debbie Brodt-Giles, digital assets manager at NREL, moving research data available through OpenEI to the cloud trumped making it accessible through internal NREL servers for several reasons. The first was accessibility to the data itself. NREL’s security personnel weren’t keen on allowing outside users access to servers themselves, preferring not to “punch holes” in security protocol to allow access to available data sets, she told Nextgov.

The second was performance, said Chris Webber, NREL’s senior cloud architect.

While sharing what can be sometimes very large data sets via a series of highly scalable internal servers would have been a financial and managerial nightmare for NREL, it was tailor-made for cloud computing.

Thus, NREL turned to Amazon Web Services, which -- after obtaining an authority to operate that verified rigid security requirements are met -- now hosts OpenEI data.

“Multiple lines of connections come into the lab, but they -- those pipes -- are limited,” said Webber, speaking about NREl’s pre-cloud infrastructure. “We pushed that aspect onto Amazon Web Services. It’s up to them how now to manage how many people who access and download data.”

If a slew of users are vying for a new data set available on OpenEI – the application contains multiple terabytes of research data – AWS servers scale up to meet the need. On slow days, they scale down automatically, ensuring far less capital spending.

“If we were to build these highly scalable sites internally, the capital expenditure would be enormous,” Webber told Nextgov. “The ability to convert the operating expenditures instead, with just a handful of servers to develop a site, is huge.”

While security is still a concern, Brodt-Giles said NREL is able to “leverage the security within AWS,” which had to meet a long list of security controls that mostly stem from the National Institute of Standards and Technology. Moving to cloud hasn’t eliminated NREL’s IT team, but Brodt-Giles said it has freed it from “managing large racks of hardware.”

Instead, the team can focus program architectures and performance, getting more bang for taxpayer bucks. Webber argued against the myth that the cloud is somehow less secure than internal servers, too.

“It’s just as secure -- you might even argue it’s more secure, but at the same time we’ve made it easier to access (the data),” Webber said.

In recent months, NREL secured a moderate level data ATO, a separate ATO that controls a moderate cloud enclave where NREL can locate some of its more sensitive data. This was an effort Webber said NREL had first looked at three years ago, but really took shape in the fall of 2014. Moderate level data includes information that would be considered sensitive to a business if it were leaked out, and is not public facing.

“Rolling out the ATO with moderate data was a big milestone,” Webber said. In all, NREL has expanded its use of cloud computing significantly since its foray to the technology in 2009, and now boasts 25 applications running on it, with more planned in the future.

(Image via winui/ Shutterstock.com)