Defense in Depth
In the face of cyberattacks and emerging threats, Revvity Signals protects customer data with a combination of the most trusted tools, policies, and the IT industry’s best practices. The overall security strategy utilizes a “defense in depth” much like a fortified castle, as it employs numerous layers of protection to block unauthorized access. This approach ensures that even in the unlikely event that a threat actor breaches one layer of defense, they will encounter additional barriers that protect valuable customer data.
Revvity Signals adopts a Zero Trust security model, which mandates the authentication of all users involved in data transactions. This includes:
- Weekly vulnerability scans to detect and patch potential issues, minimizing vulnerability windows.
- AES256-bit encryption across the product portfolio secures data at rest and in motion.
- Data segregation and data classification to support the principal of least privilege. Authorized users access only what they need – and nothing else.
- Automated backups every eight hours for business continuity and robust disaster recovery.
Virtual machines are diligently protected through patching, IP restriction, and whitelisting, ensuring that only authorized users have access. The platform administrator handles account creation and role-based access.
Hosts are secured with weekly Vulnerability Scanning to identify security weaknesses and flaws in systems and the third-party software running on them. Vulnerability scanning protects the organization from security breaches and the exposure of Sensitive Data. There are three types of vulnerability scans done weekly: Host, Web application, and network Perimeter scans.