Protecting our Data and Systems
Thermo Fisher Scientific invests a significant amount of time and effort in developing and deploying secure platforms to meet the needs of our customers. We utilize a defense-in-depth approach to security, which ensures no protective mechanism is a single point of failure. Our protection systems are broken into several areas: network, infrastructure, data protection, and data center management.
Network protections
- Redundant firewalls
- Intrusion detection and prevention
- Distributed denial of service protection
- Web application firewalls for externally facing websites and applications
Data protection
- Use of encryption for data at rest and data in transit where necessary
- Standardized processes for sanitization and destruction of assets
- Employees and contractors are granted access to systems and applications on a strict need-to-know basis to protect confidentiality, integrity, and availability of customer and internal data.
Server/client endpoint protection
- Anti-virus/anti-malware
- Next-generation endpoint security for advanced threat detection, protection, and response
- Web content filtering for all employees and contractors
- Spam/malicious email blocking
- Continuous operating system patching
- Standard equipment configuration
Data Center management
- Maintain ISO 27001 certification for our North American Data Center
- 24x7 staffing with strict access control systems and procedures
- Full environmental management with redundant power backups