BioMedIT Security Resources

The BioMedIT Network shares a common security architecture to transfer, store, manage, analyze and share sensitive (biomedical) data while following the latest technical and legal standards required by Swiss legislation as well as internal regulations of the associated institutions.

To report concerns about data breaches or other security issues, please see our Security page.

Information Security Policy

BioMedIT exists in order to enable and empower safe research using personal health data, in order to support improved future healthcare. The use of personal data means that security must be a priority, but security in such an environment is not simple. The BioMedIT Information Security Policy provides a comprehensive security framework for the use of sensitive data for research using the BioMedIT infrastructures.

End-to-end encrypted data transfers

Data-providing institutions are securely connected to the network to enable secured sharing of sensitive research data over the BioMedIT infrastructure. Each Data Provider has one landing zone to which encrypted and signed data packages are sent, generally via Secure File Transfer Protocol (SFTP) from whitelisted IP addresses. To facilitate end-to-end encrypted and standardized data transfers throughout the whole network, the BioMedIT Interoperability Working Group (BIWG) developed and maintains sett (Secure Encryption and Transfer Tool), a tool to support the full process of secure data transfer with both a graphical user interface (GUI) and a command line interface (CLI).

Available Resources

More information on sett

User access to the BioMedIT Network

New BioMedIT users must demonstrate an understanding of the responsible use of health-related data for research by passing a mandatory exam before their user account is validated. Project Leaders can then grant authorized users access to project spaces. The Data Privacy and IT Security Training accompanying the exam is offered both as online training and as classroom-based courses regularly hosted in different cities across Switzerland.

Authorized users access the BioMedIT Portal using a SWITCH edu-ID account with two-factor authentication. Additionally, the BioMedIT Network can only be accessed from within trusted IT environments (e.g. from within a Swiss university or university hospital network or via VPN).

Available Resources

SIB e-Learning Site

B-spaces - Isolated Project Spaces

Data security in the BioMedIT nodes is principally based on allocation of project-specific IT resources within an access-controlled, private, virtual environment offering network isolation, data isolation and computational resources isolation (private tenant). Shared tenants are only permitted in those cases where there is a specific authorization. A private tenant ensures that data stored in one project space cannot be shared, intentionally or by accident, with another project. Users can then connect to B-spaces (project spaces) for which they are specifically authorized via a virtual desktop with a graphical interface or a virtual terminal session. Access to the Internet from the B-space is strictly controlled and limited to trusted and explicitly white-listed web resources. Encrypted backups of the data are made on a regular basis. By default, direct Secure Shell (SSH) access is not permitted, but it can be enabled in exceptional, authorized cases and for specific project spaces.

The security concepts of the individual nodes are available upon request from the Data Coordination Center.

Available Resources

Container Security Guidelines

Life sciences applications and tools packaged with OCI-compatible container technology can be supported in BioMedIT provided the Container Security Guidelines are followed. This document sets out the security considerations, configurations and recommendations necessary for running containerized applications inside BioMedIT secure project spaces or on internet-accessible machines providing BioMedIT-related services.

RESOURCE Coming soon...
