Security is critical to PubHive and our customers. The PubHive Navigator life science cloud platform and platform application modules are engineered to deliver enterprise-grade protection to the confidentiality, integrity and availability of all customer data.
PubHive is built on Azure, a cloud computing service operated by Microsoft for application management via Microsoft-managed data centers. Azure offers a secure and compliant cloud trusted by millions of customers from Fortune 500 companies to innovative start-ups.
PubHive is committed to protecting the confidentiality, integrity and availability of all of your data. PubHive data is encrypted in transit and stored using cutting-edge methods recommended by the foremost security industry and standards organizations. Security is built into all aspects of our platform in order to protect your data. This includes the use of multiple network and access controls.
PubHive data is encrypted in transit and storage using TLS Encryption algorithms and AES-256. Encryption is applied to various application infrastructure layers with highly restricted access to securely stored encryption keys.
PubHive employs numerous mechanisms to help you control data access, including applying Open Web Application Security Project (OWASP) including ModSecurity Core Rule Set and Bot Mitigation.
The PubHive life science cloud platform is built on isolated, private networks and uses multiple network controls such as restrictions for both inbound and outbound traffic, plus monitoring of traffic rates, sources and types across multiple network points.
PubHive regularly performs vulnerability and web applications scans in addition to leveraging third-party security assessment resources such as Microsoft Azure Defender.
PubHive’s #1 priority is to ensure that only authorized users can access their own data and to prevent any unauthorized users from accessing, disclosing or violating the privacy and protection of data stored in PubHive’s life science cloud platform. PubHive also leverages several other data access controls and best practice methodologies to ensure our life science platform and application modules are built to protect your data and help you fulfill your privacy obligations.
The PubHive life science cloud does not collect scan or PII data. Any potentially identifying customer data is anonymized before ingestion.
PubHive uses a number of data access controls. In addition, access to anonymized data is restricted to authorized PubHive personnel team with strict access controls in place.
Collection and processing of customer data occurs within a customers geographic region. Results are anonymized and only then are aggregated with similar data in our analytics platform.
PubHive offers a service level agreement (SLA) that guarantees a 99.9% uptime to ensure our life science cloud platform is always accessible. PubHive utilizes several measures to ensure that services are highly available and secured against attacks as well as unplanned outages.
PubHive includes an uptime guarantee of 99.9% in its standard service level agreement (SLA), with service credits offered if the SLA is not met.
PubHive uses the Microsoft Azure platform and other leading technologies to ensure high availability. With fault tolerant and redundant components, PubHive ensures you get the best possible service with minimal downtime.
PubHive has a dedicated team that drives Secure Software Development Lifecycle (SSDLC) for the company. The team leverages automated security testing to identify potential vulnerabilities within source code, dependencies, and underlying infrastructure to ensure that the PubHive life science cloud platform and applications modules are secure.
PubHive’s SSDLC team strictly adheres to defined security controls in our development processes and uses automated Security Testing to identify potential vulnerabilities. All tests must meet strict criteria before products are released.
PubHive analyzes the application source code for bugs, technical debt, as well as vulnerabilities to ensure the security and quality of our life science cloud platform and application modules.
PubHive analyzes project dependencies to determine vulnerabilities and licensing issues.
PubHive regularly runs automated web application scans against our life science cloud platform and application modules to discover any bugs that may exist, to identify potential exploits, and to uncover potential vulnerabilities early in the development process.
PubHive performs vulnerability assessments on all container images to detect any vulnerable software running on a given container. Strict requirements prevent the shipment of vulnerable containers until all issues have been resolved.
PubHive’s source code control standards fulfill all certification requirements and industry best practices. Standards include, but are not limited to peer reviews of code, role-based access controls, least privilege, code and repository ownership, segregation of duties- plus much more.