Thales

Splashlake partners with the world leader in cybersecurity, Thales, to provide exceptional, industry-leading scientific data security.

Why is scientific data security important?

Organizations have a number of reasons to consider data security as a high priority. Firstly, protection of Intellectual Property is essential to ensure a competitive position in the market. New formulas and potential compounds are key to securing future revenue, so their details must be treated as highly confidential. Secondly, it’s clear that the impact of a cyber-attack or data breach to a brand can be damaging. Customers are immediately cautious if a brand they know falls foul of an information leak – especially if the brand is something relied upon for health or safety reasons. If data is lost, that can mean time and cost-prohibitive rework, and of course any issues with data security can be a violation of regulations such as ISO/IEC 17025, 27001 or NIS-2.

Considerations for scientific data security

Fundamentally, it’s crucial to keep data security top of mind when thinking about all your data pathways. Any providers that either hold or transfer your data must be audited to ensure they conform to security requirements. It’s worth considering that legislation makes it possible for governments to access data held by cloud service providers, so if cloud sovereignty is important to your organization, Bring or Hold Your Own Key technology will be essential. Every point where data is transferred is a potential data integrity concern, so it’s worth keeping this in mind when planning your data management architecture, and how data is transferred between various instruments and software systems.

The Splashlake and Thales Difference:

  • Data is digitally signed directly after it leaves an instrument, cryptographically securing data integrity.
  • Identities and signing keys are securely stored on Thales hardware tokens (on instruments or smart cards), keeping them safe from internal and external threats.
  • Since signatures are held in AnIML files, authenticity of the data is not repository dependent. Signed files can be verified standalone, even decades from now.
  • Multi-level digital signatures provide complete traceability, secured through intelligent crypto key lifecycle management.
  • Confident use of cloud storage with encryption-at-rest.
  • “Bring/Hold Your Own Key” technology ensures that the cloud provider has no access to data.
  • For ultimate cloud sovereignty, an optional Hardware Security Module (HSM) holds the physical key.

To learn more about how Splashlake and Thales secure scientific data security, read our tech note here.