Security & Integrity

Administrative Tasks and Security

Datacenter and Servers

  • Datacenter infrastructure has DDOS and first layer of network security
  • Datacenter is ISO 27001
  • All our servers are all up to date on OS layer to make sure all security patches are in place
  • All our servers have firewall in place to limit ports to minimal needs
  • All our servers have watch dogs like Fail2Ban, port scanner, etc.
  • All our servers have active monitoring
  • We run pen tests on our solution to ensure safety on the releases

Secure login and authentication

LDAP and AD (SSO-Single Sign ON):

  • Users with just one password can access all the apps including LabCollector.
  • SSO improves security and identity protection for your valuable research data.
  • LabCollector allows you to use the LDAP (Lightweight Directory Access Protocol) and AD (Active Directory) network for users
  • It works with standard LDAP protocol and only uses LDAP server and domain.
  • Users and Staff LDAP/AD can be directly imported.
  • SSO authentication with SAML (Security Assertion Markup Language) possible with LabCollector.
  • SAML uses secure tokens which are digitally signed and encrypted messages with authentication and authorization data.

Captcha & Two-Factor Authentication

  • LabCollector allows to configure Two-Factor Authentication (2FA) and Captcha function
  • You can configure the type of Captcha code you want (numbers, letters, length)
  • 2FA allows you to add a security level when connecting to LabCollector
  • 2FA uses email (and SMS if an SMS app is integrated) to send the security code

User permissions & groups

  • Users can manage their own data. However, new and edited data will be added to Waiting Data and will require validation by administrators or the super administrator.
  • Staff can see all data, create common boxes but can only manage their own data.
  • Staff+ can see all data, process orders, follow budgets and invoices, use the memorize items function, create common boxes but can only manage their own data.
  • Admin can see all data, manage all data from all users and validate waiting data.
  • Visitor can only view and search for data.
  • Passwords are kept encrypted with legacy or SHA-256 or SHA-256+ modes having “strong” rules.
  • Groups of users can also be defined with specific access rules on modules for even more security. Different privacy modes can be defined to isolate users.

Data backups

  • LabCollector allows data back-up to secure your important data.
  • You can schedule an automatic backup as and when you require.
  • Downloading backed-up data is made more easier with LabCollector.
  • You can schedule the database backup either daily, monthly or weekly.
  • More complete backup is offered by LabCollector Server Manager which allows backup of the entire LabCollector instance in your desired folder. Read More….