Life in Transit: Temperature Monitoring in Blood Storage and Distribution

Cloud Based Data Loggers: Hardware and Data Security

Collecting temperature and humidity related data is made simple with a data logger. This is undisputable. However, since the evolution of the data logger and the introduction of new technology advancements, the security of the data it collects has been a point for consideration and discussion.

The difficulty is that highly regulated sectors, such as the pharmaceutical manufacturing industry, are keen to capitalise on next generation equipment but are also resistant to change. The data logger is no exception to this.

Nevertheless, the desire to unlock the benefits of reliability, automation, versatility and efficiency of these devices comes with (what is thought to be) an equal disadvantage of data security risks. Or so the sector may think! The reality is that cloud-based data loggers are no more of a threat to data security than other smart devices in your network.

In a sector where precise temperature and humidity control is critical, information, hardware and other forms of data are preferably kept local.

Yet, cloud-based data loggers are not and should not be scary, if anything, they offer the highest possible reliability with real-time data capture, robust encryption, integrated compliance, safety and security standards and an ISO 9001 certified QMS. All data is stored and maintained within a SaaS or PaaS infrastructure that is owned and hosted by Microsoft.

In a nutshell, SenseAnywhere have taken all the necessary steps to ensure that their cloud-based data loggers, also known as the AiroSensor, are secure.

Pharmaceutical manufacturers are heavily focused on accessibility, reliability and compliance, all of which can only reach maximum potential through a cloud-based data logger, rather than the locally stored counterparts.

Join us as we navigate the landscape of modern-day temperature and humidity data logging and highlight the compelling advantages of moving towards the cloud-based approach.

The AiroSensor’s ‘cloud’ explained

A cloud based data logger

With SenseAnywhere, your data is safely and securely stored in the cloud. But, what does this actually mean?

Cloud computing has been established since the early 2000’s. Amazon were the first to commercialise the cloud in 2006 with Amazon Web Services (AWS). The concept itself, of bringing people and data closer together through interconnected storage and accessibly from anywhere at any time, is thought to have existed since the 1960’s.

Essentially, the technology allows users to access and store data (along with other applications) over the internet rather than on a local computer or on-premises server. There are instances where an internal server is the only option for absolute safety, such as when handling classified information.

Sectors which manage temperature and humidity are not bound by data sovereignty, federal regulations or classified information; so cloud based data logging is a viable option.

Cloud based data and its security

SenseAnywhere data management is empowered by Microsoft Azure, a cloud platform which is leading the industry with the most comprehensive compliance coverage.

The data captured from each logger is retained for at least five years and for up to 15 years where required, with back-ups performed every five minutes. Azure is ISO9001:2015 certified, which demonstrates the platform’s capability to meet customer requirements in the scientific sector whilst also delivering upon consistent, high quality storage services.

SenseAnywhere is ISO27001 certified, which provides independent assurance that while the AiroSensor is a robust, systematic cloud-based data logger, it is also secure. By approaching data storage as risk-based, SenseAnywhere add a GxP compliance outlook to their products.

GxP processes cover various aspects of technology systems, the data logger is one such example which can be integrated to improve the efficiency and scalability of good laboratory, good manufacturing and good clinical practices. Bound by the rules of GAMP5, FDA CFR Title 21 Part 11 and EU GMP Annex 11, SenseAnywhere can provide the regulatory compliance documentation of their software as requested. Working closely with the sector to highlight data related risks in practice, means the ongoing auditing and validation of the AiroSensor and its cloud storage software will continue to serve at the forefront of confidentiality, integrity and safe accessibility. Find out more here.

Ensuring the data loggers are completely secure is essential as failures in this area can not only compromise the data on the device but can provide a route into the wider IT network itself. So, not only does the SenseAnywhere the data logger meet regulatory requirements, the AiroSensor hardware has undergone independent cyber security testing itself. This process subjects the logger to all manner of ‘hack attacks’ attempting to penetrate the hardware and intercept data.

It’s recognised that large pharmaceutical organisations will hesitate on the aspect of losing an element of data control during the investment process of choosing a cloud-based data logger. In actual fact, the control is not lost, rather the responsibility is shifted from internal, local control to outsourced data security and storage control performed by the device provider.

This is where choosing the right cloud-based data logger becomes critical in ensuring a smooth handover of data security. At Withnell Sensors, we ensure that the advice and guidance we offer our customers is nonbiased. If you’re interested in automating your data logging processes through a cloud-based device, discuss your requirements with us first.

Our partnership with SenseAnywhere, and the expansive AiroSensor customer-base, highlights the suitability of their data logger to service highly regulated sectors where safe and secure data is paramount. Find out if this sensor is ideal for your sector, get in touch!

In the meantime, we’ve compiled some of the most common questions we encounter from pharmaceutical organisations relating to the data security of the AiroSensor cloud:

Cloud-based data loggers Q&A

Your questions answered!

What encryption methods are used to protect data?

Sensor data is stored using transparent data encryption which performs real-time I/O encryption and decryption of the data, log files and back-ups. TDE complies with many laws, regulations and guidelines across various sectors. Using proprietary encryption algorithms, data is encrypted as payload. You can find out more here.

How does SenseAnywhere ensure the security of their products and any data centres?

Data centres are located across Europe, the database is triple redundant. All hardware, firmware and software in SenseAnywhere products has been developed in the Netherlands and is owned by SenseAnywhere.

Is the cloud service compliant with industry standards and regulations such as FDA, GxP, and CFR 21 Part 11?

Yes. SenseAnywhere has a separate document in FDA compliance of their software. Get in touch with us and we can arrange for a copy for your perusal.

Can SenseAnywhere offer documentation and proof of compliance audits?

Microsoft Azure has a service Trust Portal where ISO reports and certificates can be downloaded.-SenseAnywhere ISO 27001 certificate is available and this document is maintained on the online portal for customers to access at any time.

How does the system transfer data to the cloud?

The AiroSensor cloud based data logger wirelessly sends data through an AccessPont to the cloud portal. From there, it is accessible from any smart devices. The AccessPoint is does not interfere with 2.4GHz communications, and is likely to be the safest device on your network.

The device has ruled out a number of features which distinguishes the data logger from other wireless devices in your network, such as PC’s, Notebooks, Wifi AcessPoints, routers, servers and mobile devices, which are a bigger threat to your data and infrastructure. This includes no UBS interface, no 2.4GHz radios, no web interface, no upgradable operating system, all of which would mean the device only operates outgoing traffic on a single HTTP communication port. This allows for easy monitoring and a sealed data stream. Find out more here.

What is the guaranteed uptime provided by the service level agreement (SLA)?

Microsoft’s SLA agreement is an uptime of 99.99% of the database.

What measures are in place to ensure consistent performance and low latency?

You can view the audited controls of the cloud computing service here. This list includes the information security policy, backups, the encryptions, the risk management procedure and more. The database is backed up automatically, every five minutes, and is stored for 35 days. If things were to ever go wrong, Microsoft can restore any backup of the database almost immediately. Rest assured your data will never be more than five minutes old!