Ensuring Data Security in the Cloud

Geneious delivers software-as-a-service (SaaS) through the cloud. Data integrity and security are of utmost importance, and we are committed to continually improving cloud capabilities to ensure customer data is hosted in the most secure environment possible.

ISO/IEC 27001:2013 Certified

We have been awarded the International Organization for Standardization (ISO) 27001:2013 certification by Schellman, following an external review of our Information Security Management System (ISMS).

Amazon Web Services

To leverage industry-leading security standards, we have chosen Amazon Web Services (AWS) as our primary cloud infrastructure provider. AWS is recognized for its comprehensive security and compliance features.

AWS ensures very high uptime and security of data. Moreover, AWS is constantly monitored for intrusion by third-party companies through audits and penetration testing to ensure no vulnerabilities exist.

Authentication and Data Access

Geneious users require authentication to access data stored in the underlying system architecture. For this, GraphPad Software, LLC (d.b.a. Geneious) uses token-based authentication.

Geneious Cloud applications utilize elements of AWS functionality via REST API over secure HTTP (HTTPS).

Data Access

We guarantee that customer data can only be shared with users within the same organization. All uploaded and application-generated data is by default accessible only to the user who created it. The owner of the data must explicitly share it with other users within the same organization before they can access it.

Data at Rest

Data at rest refers to inactive data that is stored physically in a database, on disk or similar. Geneious data is stored within the highly secure AWS environment in either SQL databases or in BLOB storage (files). GraphPad Software, LLC (d.b.a. Geneious) follows the EU-US Safe Harbour Principles. Data will not leave the zone (EU or US) in which it was uploaded.

Data in Motion

Data in motion refers to data that is traversing the network. Communication involving the transfer of data between GraphPad Software, LLC (d.b.a. Geneious) servers and the customer is encrypted. All communication with or connection to Geneious Prime uses Transport Layer Security (TLS), which is an encryption standard for data being sent over the internet. TLS connections use 128-bit encryption or stronger. The private key to generate the cipher key is at least 2048 bits. Any connection (via UI or API) requires a validated token for access. Tokens are obtained via the API.

Data in Use

Data in use refers to data that is stored in computer RAM, CPU cache or CPU registers during pipeline job processing. While, in some instances, data in use may be unencrypted, all pipeline job processing takes place within the highly secure AWS environment.

Data Backup

We guarantee that all customer data stored within the cloud is backed up on a frequent basis. This is to prevent any accidental loss of customer data due to unforeseen events. Customer data cannot be restored if customers delete their own data.

Data Retention

Upon termination of service, we guarantee that all client data will be physically removed from our databases. However, client data from previously performed database backups will only be removed once backups have gone past their end-of-life date.

Security Audits

We continuously monitor platform security together with a third-party security firm. Any security issues found as an outcome of such audits will immediately be given the highest priority in the development backlog.

Looking for more information?

If you would like to complete a review of our security posture, more detailed information is available on the Dotmatics Trust Center.
