ISO/IEC 27001:2013 Certified
We have been awarded the International Organization for Standardization (ISO) 27001:2013 certification by Schellman, following an external review of our Information Security Management System (ISMS).
Amazon Web Services
To leverage industry-leading security standards, we have chosen Amazon Web Services (AWS) as our primary cloud infrastructure provider. AWS is recognized for its comprehensive security and compliance features.
AWS ensures a very high uptime and security of data. Moreover, AWS is constantly monitored for intrusion by third party companies through audits and penetration testing to ensure no vulnerabilities exist.
Authentication and Data Access
Geneious Biologics users require authentication to access data stored in the underlying system architecture. For this, Biomatters uses token based authentication.
Geneious Biologics is a single page web application that utilizes AWS functionality via REST API over secure HTTP (HTTPS). Geneious desktop applications utilize elements of this cloud functionality in the same manner.
We guarantee that customer data can only be shared with users within the same organization. All uploaded and application generated data is by default accessible only to the user who created it. The owner of data needs to explicitly share their data with other users, within the same organization, in order for them to be able to access it.
Data at Rest
Refers to inactive data that is stored physically in a database, disk or similar. Geneious Biologics data is stored within the highly secure AWS environment in either SQL databases or in BLOB storage (files). Biomatters follows the EU-US Safe Harbour Principles. Data will not leave the zone (EU or US) in which it was uploaded.
Data in Motion
Refers to data that is traversing over the network. Communication involving the transfer of data between Biomatters servers and the customer is encrypted. All communication or connection to Geneious Biologics or Geneious Prime uses Transport Layer Security (TLS) which is an encryption standard for data being sent over the internet. TLS connections use at least 128-bit encryption or stronger. The private key to generate the cipher key is at least 2048 bits. Any connection (via UI or API) requires a validated token for access. Tokens are obtained via the API.
Data in Use
Refers to data that is stored in computer RAM, CPU cache or other CPU registers during pipeline job processing. While, in some instances, data in use may be unencrypted, all pipeline job processing takes place within the highly secure AWS environment.
We guarantee that all customer data stored within the cloud is backed up on a frequent basis. This is to prevent any accidental loss of customer data due to unforeseen events. Customer data cannot be restored if customers delete their own data.
Upon termination of service, we guarantee that all client data will be physically removed from our databases. However, client data from previously performed database backups will only be removed once backups have gone past their end of life date.
We continuously monitor platform security together with a third party security firm. Any security issues found as an outcome of such audits will immediately be given highest priority in the development backlog.
Geneious Biologics allows us to drill into huge antibody sequence sets and quickly identify where errors lie and inspect bad clones. This will ensure we return the most effective, stable therapeutic antibody candidates to our clients, faster.