Security runs within your secure network security

Built with security in mind

The platform is hosted entirely within your network and your cloud. Source data storage and access is tightly controlled in your secure environment.

Data Flow

Full control over your data

Your data stays within your secure network. It’s imported to the cluster and securely transmitted to Analysis Platform and Developer Studio via SSL.

Ingestion of source data (AWS example)

The Analysis Platform will ingest the source data from the databases already in place. The data is transformed into the format and stored on the EFS volume which is encrypted via AWS KMS. Periodic backups will transfer the data in format to the S3 bucket. The bucket is encrypted via AWS KMS. All data transfers are encrypted via TLS. cluster (AWS example)

AWS EC2 instances run the Analysis Platform. It connects to your data, imports and indexes it, and provides query results to the Analysis Platform via SSL.

Git Server & Backups

Git server data products are defined in JSON source code and stored in your git server. When a developer pushes changes to your git repository, your git server triggers (via a webhook) the cluster to pull the changes and deploy them.

Backup capabilities

The cluster backs up its configuration and user-generated data daily.

Isolated Environment

Limited internet exposure

You do not need to expose the Analysis Platform outside of your private networks, and you can use your VPNs or IP whitelisting to limit Internet exposure of your environment.

Limited internet access

Create a compliant analytics workspace within your secure, private network. The cluster only makes outbound requests to the internet to download application software from and ancillary open source components from hosts such as the Docker Registry.

Secure Access Analysis Platform access

End-users are authenticated through your SSO, and use the Analysis Platform and API protected with HTTPS/TLS 1.2. The Analysis Platform uses an Oauth Bearer token and the SDK uses an API key over HTTPS Basic Authentication. Access to sites, data products, and analysis apps are defined in the admin area of the Analysis Platform.

Data and analytics access

Since your end-users can only access the Analysis Platform using SSO, they can be limited to what data products and analysis apps they can see.

Analysis history

All of the analysis activities, such as analysis results and cohorts, are automatically saved to your end-user’s account. This means that you retain their analysis history even when they transition out of your team.

Development Studio

Integrate a secure Jupyter hub environment to the Analysis Platform in your security private network. Your developers then use secure API keys to access the data, which are tied to your SSO user authorizations and privileges.

Admin Functions

Your Analysis Platform Administrator

Your designated site administrators can add your SSO users to Analysis Platform and datasets, and determine what analysis protocols they’re allowed to run.

Tag.Bio Deployment Administration

You can authorize a systems administrator to deploy, upgrade, monitor, and troubleshoot the Analysis Platform running in your network. The administrator will use network and cloud credentials that you issue and manage. The platform can be deployed on your standard system images according to your organization’s policy.

Let’s get the conversation started

From a 30-minute demo to an inquiry about our 4-week pilot project, we are here to answer all of your questions!