Data Security

 

BGI offers customer data protection through its comprehensive data management system

Data Storage

Data is backed up and accessible on demand

When genome sequencing, mapping and data analysis is completed, the image data is stored in a BLC (Bioinformatics Linux Cluster) via a stand-alone VLAN (Virtual Local Area Network). For data management, the raw data, the middle/final data and the report are backed up to tapes and made accessible on demand.

Access is regulated through a role based control policy

At BGI we follow a role based access control policy including password and ID management to maximize data protection. In addition, frequent manual checking and biometric readers will be used at points of entry. We also use a multi-layered security model to control our systems access where users are separated into different security zones with limited access to different resources. Specifically, different projects have their own contents and only the corresponding (PM) project managers and users have the right to access them.

Data is securely transferred

Before the data delivery, IQC (Incoming quality control) and three levels of QC (quality control) processes are performed on data analysis. Https is the default transfer protocol to protect data confidentiality and integrity. Large files that will be delivered on hard drive disks, will utilize either an md5 or a sha256 checksum (Hash algorithm). AES (Advanced Encryption Standard, 256 bit key) is optional to balance performance and security.

Secure network protected by firewall/IPS (Intrusion Prevention System)

BGI’s intranet network is protected by a firewall/IPS (Intrusion Prevention System). The product & OA (Office Automation) network is separated from the outside network by a VLAN (Virtual Local Area Network) and outbound services are located within a DMZ (Demilitarized Zone).

Constantly powered supercomputer facilities

All the facilities are placed in dedicated and well-designed data centers which are physically separated from other infrastructures or equipment. UPS (Uninterrupted Power Supply) & PDU (Power Distribution Unit) protections are applied for power outage and surge to provide uninterruptable power and reliable network connectivity. Critical environmental conditions such as temperature and humidity are kept constant through a HVAC (Heating, Ventilation and Air Conditioning), while integrative sensors and cameras are used to monitor smoke, water and power outages.

Dedicated IT Professionals on site

There are dedicated teams of IT professionals to maintain all the facilities and data.

Auditing capabilities for your services

All the login/out activities, user commands and the data analysis operations are logged and stored.