We know research scientists care deeply about privacy and data security, and we optimize our work to get these important issues right for you.
With this post, I’d like to provide transparency about how we protect your data. We utilize the latest industry-leading security techniques. Here are the 5 most essential and effective methods:
- Code Signing: We are the only electronic lab notebook provider who develops local apps backed by the cloud services. This lets us use platform-specific security technologies to secure your data on your computer before they hit the cloud. Since we have Apple Distribution Certificates, on Apple computers and devices we use Apple Code Signing. To check this, one can run the following command in terminal to see our team identifier:
codesign -dv /path_to_app/elucidaid.app
- Sandboxing: As required by Apple, elucidaid is sandboxed to prevent inadvertent functionality in case of a third-party malicious attack. At this stage, our app is distributed outside the Apple app store because of rapid development and version updates based on community feedback.
- Local and Cloud Backups: After your data is saved on your computer, a copy is encrypted and uploaded directly to Amazon Web Services (AWS) for storage via SSL endpoints using the HTTPS protocol. Data stored on AWS are by default encrypted again using SSE-S3. You can read about Amazon security measures by following the link below: https://aws.amazon.com/s3/faqs/
- User Level Permission: On top of the code signing and the multiple encryptions that secure your data, we use user level permission for each record that uploaded by the app. This prevents others from even looking at the encrypted data. You control who can download, decrypt and view your notes when you specifically share a note with a colleague. We use two powerful cloud micro-services that manage our users, their data on S3, invitations, and file-sharing. One micro-service is built with Node.js, and the other is built with Ruby On Rails.
- Resiliency: We use a fault tolerant architecture to power elucidaid. Our cloud infrastructure uses redundant load balancers, servers, and virtual instances. All hosted in the United States.