How ROSALIND Protects Your Data
View the original blog post here.
ROSALIND is cloud-native platform that harnesses industry-leading best practices and the strength of Google Cloud Platform to ensure the highest level of cybersecurity available for enterprises Pharma, academic institutions, and the Federal Government.
SAN DIEGO, CA – 2021-11-30 – ROSALIND is a cloud-native platform. What does this mean? Simply put, instead of inviting the risk of standing up physical servers at our own private location, we utilize the global-scale infrastructure of the cloud to securely manage our system infrastructure. Popular cloud service providers include Amazon Web Services, Microsoft Azure, and Google Cloud Platform (GCP). ROSALIND's cloud service provider is GCP, and we are in good company. Leading companies and projects like PayPal, the Broad Institute, and even the CERN Large Hadron Collider also rely on the Google Cloud Platform for their sensitive big data needs.
Because ROSALIND is cloud-native on GCP, we're able to have the same security and redundancy of Google's own services. This is incredibly important for ROSALIND, not only for our academic and enterprise customers, but for our work with the Federal Government as well.
ROSALIND is currently in the process of completing FedRAMP authorization. The Federal Risk and Authorization Management Program (FedRAMP) was established to provide a security framework for modern cloud platforms. If a cloud platform follows this framework and is authorized by a certified institution, like the HHS, Federal Government agencies are empowered to use that cloud platform knowing government data is protected.
Cybersecurity Stock Image
The ROSALIND Platform has enabled dozens of GCP services to function in the most secure way possible. Our utilization package includes Google Cloud Storage, Cloud SQL, Compute Engine, and many more. All of these services fall under GCP's FedRAMP-compliant service family. Because ROSALIND is built on top of these services, we inherit their top-notch security protections.
As an example, ROSALIND stores all structured data in Cloud SQL. Data replication, cross-regional backups, and underlying VM security have built-in protection with progressive layers that deliver true defense-in-depth and at scale. There are also some additional security measures that ROSALIND implements, like the encryption of data access within the ROSALIND platform while at rest and in transit. Our service provider also provides leading-edge monitoring and alerting tools that allow us to respond to any security issues that arise immediately, giving our engineers peace of mind and the fastest response times available.
The Department of Health and Human Services is currently sponsoring the process for ROSALIND to be a FedRAMP audited solution by Spring 2022. Contact us for more information about our FedRAMP authorization or to learn more about our cybersecurity practices.