ISO 27001 is a standard for information management systems: a text that describes several requirements that should be met by an information management system. The ISO abbreviation stands for International Organization for Standardization, which is the largest and most recognized publisher of standard texts. The text can be bought, used, and followed by everyone, but some go a step further and become certified by an external certification agency, as PipeBio have done.
Reidar Poulsen – Process Manager
User Facing Security
- Two-factor authentication.
- Organizations can define their own session expiry.
- Role-based access control.
Application security and ISO 27001 compliance
PipeBio is the only company with a bioinformatics platform focused on BCR/TCR analysis that has received ISO 27001 compliance. This entails many processes around application security, business continuity and alerting.
- Business continuity processes
- Compartmentalized, limited access of PipeBio employees to production data.
- Systematic intrusion detection: log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting, and active response.
- Encryption at rest and in transit with 256-bit AES
- Secure Sockets Layer (SSL) with an A+ from SSL Labs
- Regular backups
- GDPR compliant
- We only collect data from those who have given their consent by accepting the vendor’s terms of service
- Read our blog for an interview with Reidar Poulsen