Regulatory | Network | Data | Application |
---|---|---|---|
Company-wide best practices and auditing ensure compliance | Control over inbound and outbound communications down to the intra-cluster level | All data are fundamentally secure and protected | Access controls for software components overseen by a user management system |
SOC 2 compliant | TLS 1.2+ encryption; both client-facing & server-side | AES 256-bit encryption: files, mounted volumes, & databases | Single sign-on (SSO) with support for 2FA |
GDPR compliant | Distributed Denial-of-Service (DDoS) protection | AWS S3 storage durability of 99.99% (eleven 9’s) and 99.99% availability | Logging at user & job level |
Independent Quality department ensures training and policies are effective | Firewalling of ports | RPO and RTO of under 24 hours | Scheduled vulnerability scans |
Established Software Development Lifecycle (SDLC) | Regular penetration tests | Enterprise tier supports: isolated tenancy of both files and application database | API keys with token refresh |
Organizational support for virtual audits | Enterprise tier supports: Virtual Private Cloud; Virtual Private Network integration; on-premise and/or air-gapped installation | Isolation & credentials for each analytical job | |
Enterprise tier supports: FDA 21 CFR Part 11 | | | Enterprise tier supports: staging environments; custom SSO via OpenID, OAuth, AD & LDAP with group integration |

Please email us at security@juliahub.com to report any security concerns.