DATA INTEGRITY & SECURITY
Rotronic offers 3 software solutions:
- On-Premise Solution
- Public Cloud/SaaS Solution
- Exclusive Cloud Solution
Both the RMS exclusive and public clouds can be offered for environmental monitoring and GxP environmental monitoring for regulated companies (FDA CFR 21 Part 11 and EU Annex 11). Please be aware that the public cloud will be updated based upon the standard software release schedule, customers are informed before the upgrade takes place.
Data Security in RMS
The monitoring system provides encryption of the data during transfer to the data center/stoage area. This means the data can neither be tapped or manipulated by so-called retry attacks. The security of the stored database in RMS is ensured by the IT structure. The Rotronic Cloud is protected by certified IT data centers. If the database is located in the customer's server center, the customer defines the security infrastructure.
Data Security in the Cloud
When purchasing either one of the RMS SaaS solutions, Rotronic works together with the company 4Net. They provide a virtual data centre for the Rotronic Monitoring System server and database. 4Net uses the Interxion data centre. Interxion’s Zurich data centre provides an ultra-secure, known location for storing and processing data in line with Swiss data protection regulations. Like all Interxion data centres, the Zurich location operates in full accordance with the ITILv3 framework and has ISO 27001 and ISO 22301 certification. Their compliance with the FINMA circular 07/8 is externally audited.
IT Compliance Information regarding the Rotronic SaaS / Cloud
Ensuring data integrity means guaranteeing secure transmission and storage. A measured value must not change during transmission because of disruptions or user interaction. Data transmission and storage must therefore be safe from manipulation. This is achieved with all data being sent with CRC checksums and confirmed by the recipient after receipt. Should the data not arrive with the recipient, they are stored intermediately by the logger and can then be transmitted at a later point in time when the connection has been restored. In this way, faulty data communication is recognised and the data stored in the buffer memory are sent again until the transmission has been finished.