At Igenbio, Inc. security of your data is a top priority. Your data is protected by best practices in physical and data security measures. This includes 24/7 physical security and monitoring, and the best available encryption for storage and transmission. Our employees are trained and knowledgeable in data security best practices.
Account Access
All users are verified before being allowed access to ERGO resources.
We do not store passwords at any time, only their hashes with a salt.
All network connections to ERGO infrastructure are actively monitored.
Data Storage and Transmission
All client data is transferred encrypted via HTTPS.
All client data is encrypted at rest using a 256 bit AES key
All hardware is securely erased using U.S. Department of Defense standards before disposal or reuse.
Data Integrity and Retention
All client data is backed up in secured cloud storage, encrypted at all times with AES 256 bit keys.
Client data is verified using either md5 or sha1-sum hashes after transfers to ensure data integrity.
Encrypted Client data may be transferred to and stored at data centers in Chicago, New York City, or Sacramento.
Client data is kept for up to 12 months after expiration of ERGO license or a project.
Specific client data can be purged upon client request but may be resident in encrypted backups for up to 3 months.
Employee Access
Access to client data is provided through multi-factor authentication.
Access is granted by the principle of least privilege based upon job function.
Any access to client data is closely monitored.
Data Centers
Igenbio carefully select our data center partners and ensure they meet the highest standards of physical and data security.
All data centers that store client data:
24/7 Security on premises
Video security and monitoring
Battery and generator backups
Temperature Controls
Multiple layers of physical security, such as “Man traps.”
More specific information about the data centers that contain your data can be provided upon request.
