Illumina works with Amazon Web Services (AWS), the leader in cloud-based infrastructure. AWS hosts customer-facing services and critical operations for both private industry and US government departments, including Treasury, DOE, and State. Amazon security processes and standards are publicly available for review. AWS standards and accreditation include:
SOC 1/SSAE 16/ISAE 3402 (auditing)
FISMA moderate (US Federal Government; for reference, the NIH data centers are rated FISMA moderate)
PCI DSS Level 1 (electronic payments)
ISO 27001 (international security standard)
FIPS 140-2 (encryption)
Also, security staff and controlled access procedures protect AWS data centers. Staff with system access undergoes background checks, and all hardware is located behind firewalls that are configured by default to block all traffic. Operating security patches are automatically applied to AWS servers, including BaseSpace Sequence Hub servers. AWS actively monitors its firewalls to check for vulnerabilities, a service beyond the resources of most institutions. BaseSpace Sequence Hub encrypts all data, something that is rarely done in the institutional IT setting.