<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=384506&amp;fmt=gif">
Skip to content
Search
{
Book a Demo
    Book a Demo

      Security

      Your IP is important

      Protecting the security, privacy, and availability of our customers’ data is always our top priority. Our software, infrastructure, and policies are designed to ensure the highest levels of security and privacy—reassuring our customers that they can rely on CDD to safeguard their data.

      Chemical structure and bioassay data are not only highly sensitive intellectual property (IP) but also critical to the continuity and survival of many companies’ businesses.

      Many leading research organizations, including private companies, universities, and foundations, entrust CDD with their sensitive IP. Before they became CDD customers, many of these organizations questioned the idea of allowing their sensitive data to be hosted by an outside party. Several conducted extensive due diligence, scrutinizing both our technology and our company. Their conclusion: CDD’s hosted service protects IP even more reliably than most in-house systems.

      Collaborate securely with your partners

      Large companies often have the IT resources necessary to avoid these issues and to create a secure perimeter around their IP. That perimeter, however, typically does not provide a suitable mechanism for employees to collaborate securely with academic groups or other organizations outside the company’s firewall. To collaborate, employees may resort to insecure practices (e.g., emailing datasets or creating firewall exceptions), which can undermine the company’s security infrastructure.

      CDD offers large organizations a secure mechanism to mediate the exchange of data with external collaborators. Maintaining the data in a central, secure database enforces access restrictions and provides an audit trail, unlike ad hoc file exchanges. You can also restrict all web-based access rights exclusively to your organization, excluding even CDD support personnel if desired. If your company exchanges research data with outside collaborators, compare CDD’s software and security scenario not to the ideal of your IT security policies and perimeter, but rather to the reality of how your scientists move data across the perimeter when they collaborate externally.

      We manage your secure and private Vault so you can focus on research

      CDD draws upon the most sophisticated information security technologies available and layers them to create redundant defenses. We test and probe at every level.

      • CDD thoroughly assesses its application code using a combination of manual and automated testing, to make sure your vault is safe from others.
      • CDD Vault is independently tested by third party penetration testers and a large community of bug bounty participants. 
      • CDD encrypts all database and customer file backups using public key cryptography, and the private keys are backed up securely.
      • CDD exclusively uses strong TLS encryption (see our A+ SSLLabs score) to protect all communications with the browser once you visit one of our websites. This prevents potential hackers from “tapping” a data conversation.
      • CDD practices defense in depth so there are always several layers of controls protecting your vault.
      • CDD stores user passwords in our database using strong, one-way encryption hashes.
      • CDD stays current with all security updates to our system software, firmware and operating systems.
      • CDD enforces mandatory password security policies.
      • CDD limits and audits internal access to data servers and superuser accounts.
      • CDD uses as few third party services as possible and they are thoroughly assessed before use.

      See more about CDD’s security in our blog posts

      Trust and Compliance

      CDD maintains a SOC 2 Type 2 report that demonstrates our commitment to protecting customer data through robust controls for security, availability, confidentiality, and process integrity—all aligned with the AICPA Trust Services Criteria.

      ​​AICPA SOC

      The SOC 2 report, along with other security documentation such as penetration test reports and common questionnaires, is available for download in CDD’s Trust Center.

      How to get more information

      Have a question about CDD’s security—or a bug to report? We’d love to hear from you at security@collaborativedrug.com