LabVantage Emphasizes Cybersecurity With Version 8.6 of Its LIMS Platform
Product News Mar 08, 2021
LabVantage Solutions, Inc., a provider of laboratory informatics solutions and services including purpose-built LIMS solutions that allow labs to go live faster and at a lower total cost, today announced that the 8.6 edition of its flagship LIMS has been designed and tested to optimum cybersecurity standards.
System security takes the highest priority in LabVantage LIMS 8.6 with the adoption of SonarQube to evaluate and scan source code for potential vulnerabilities; a greater use of Atlassian’s Jira software to track code more closely and increase the visibility of potential security issues during development; and a partnership with a third-party cybersecurity organization to perform ongoing, objective penetration testing of the software, among other development efforts.
“LabVantage is in the forefront of taking a proactive approach to cybersecurity, spreading cybersecurity best practices throughout our development process, and working with customers to address specific security needs,” said Matt Grulke, Vice President of R&D at LabVantage Solutions. “LabVantage LIMS 8.6 was developed taking both customer input and the company’s own research into account, as such partnership is a cybersecurity best practice.”
LabVantage LIMS has always been highly secure, with configurable security protocols and permissions that meet the requirements set out by the US Health Insurance Portability and Accountability Act, and the EU’s General Data Protection Regulation. Encryption has been included in multiple stages, including all data within cloud servers and in the VPN tunnels associated with cloud-hosted and SaaS-based deployments of the LIMS. LabVantage has also been highly proactive in terms of ensuring security through penetration testing and other activities that allow users to stay in front of any potential cyberattacks.
LabVantage LIMS 8.6 increases the focus on system security — moving to a design framework that understands the nature of data vulnerability and how to respond to it. Integrating SonarQube into the development process is one example. An open-source platform, SonarQube provides continuous inspection of code quality to perform automatic reviews with static analysis to detect bugs, code smells, and other security vulnerabilities.
In addition, LabVantage has extended its standard operating procedures for coding, and expands the use of Jira software into the process to track code more closely and increase the visibility of potential security issues during development.
The company also uses “magic byte” detection — a list of file signatures and data that can identify or verify file contents — to ensure malicious files cannot be uploaded, and reviews all third-party libraries to guarantee legacy libraries and their dependent plug-ins are upgraded.
To test the approach followed in developing LabVantage 8.6, the company invited its R&D staff to assault the product during an internal hackathon. In addition, LabVantage has partnered with a third-party cybersecurity organization to perform ongoing, objective penetration testing of the software.
LabVantage is also committed to spreading a culture of cybersecurity throughout the company, introducing several initiatives to ensure the company and its products are ready for any eventuality. The company constantly monitors the OWASP Top 10, which tracks the top current critical risks to web-based applications like LIMS, and is working toward training its internal staff as Certified Ethical Hackers. The overall objective is to ensure employees are trained to recognize and avoid cross-site scripting and SQL injection issues at any point in its system.
The company will continue to explore and adopt new standard operating procedures, work instructions, and guidances to ensure all employees are adhering to a culture that emphasizes security.
“It’s not just something that the research and development team owns,” said Mr. Grulke. “It’s something the whole company must embrace to ensure LabVantage remains an exceptionally breach-resistant addition to our customers’ technology stacks.”
Looking ahead, LabVantage will shortly introduce React.js, a Java Script library that will enable the company to achieve what is known as “security by default,” where the default settings of its software products are the most secure possible. Here, again, LabVantage is demonstrating its commitment to leadership — not viewing security as an add-on, but designing every element of its products from the aspect of ultimate protection. Several other best-in-class methods, such as multi-factor authentication, will be added to LabVantage’s cybersecurity approaches, ensuring that its software provides unparalleled protection for customers’ data.
LabVantage recognizes that system security is of paramount importance in any enterprise’s digital transformation, and the company is committed to collaborating with customers to make every network its products sit on to be as secure as possible.