Boon Edam Blog | June 2020
Security in the medical industry can be difficult to manage, especially in both research centres and pharmaceutical centres where masses of classified data and potentially dangerous materials are accessed daily. Fortunately, advances in technology have allowed for more significant security measures to be put in place. Yet an entryway is the first point of contact for those wishing to enter either a research or pharmaceutical centre, meaning attention should be paid to how security can be improved there.
Not only is security important in medical research centres to protect staff, but it also plays a substantial role in protecting the centre’s data and contents.
Research centres contain masses amounts of data with much of it highly classified and not available to the general public. Various research products are also likely to contain large amounts of personal data of those involved in the project, from the patients involved in the test to those conducting the research themselves. As such, the issue of security from a GDPR view is also a consideration.
Security for research centres, from both a physical and cybersecurity perspective, is therefore essential. We only need look back to 2017 to see the potential effects of poor cybersecurity practices, where the WannaCry ransomware attack on the NHS and various other medical companies resulted in huge losses of data and a total cost of £92 million to fix the problem.
While cyber-attacks are on the rise, the knee jerk reaction for many in the medical research field is to solely focus on cybersecurity. While it should form a part of your security plan, it should be combined with effective physical security measures to ensure you are protected from both types of potential attacks.
Theft or diversion of sensitive data or materials is not solely a cybersecurity issue. Research centres still run the risk of losing their research, leading to potentially falling behind on years of work. What’s more, many research centres rarely work independently; losing valuable data or resources can then have a knock-on effect on other research centres who work collaboratively with one that suffers a security incident.
The solution for research centres is not to ignore cybersecurity but to combine it with effective physical security to create a plan that helps prevent attacks inside and outside of the building itself. Take the Francis Crick Institute, an infamous biomedical research centre located in London. There was a great need for a multi-layered security plan to help protect all of which is held inside the institution. This is where a combination of both physical and cyber-security solutions come together.
As well as enforcing several cybersecurity processes, the institute also opted for a new entryway system to boost their physical security. Five Automatic Crystal Tourniket’s were installed as the first layer, all equipped with external night locking technology to ensure security remains a priority even after standard working hours. Composed of laminated and toughened glass, the revolving doors can withstand heavy forces while without any negative impact on both the look and usability of the building itself.
But what of pharmaceutical companies? With a market worth approximately $934.8 billion, it’s big business - which also means it’s a big target.
Alongside the risk of theft and diversion, pharmaceutical companies face additional issues due to the nature of business. These include the risk of release of potentially dangerous chemicals or materials, which could have adverse consequences on public health, as well as an impact on the government to deliver essential health services should important pharmaceutical medicines and materials become unavailable.
Much like with research centres, the risk entails both a physical and cybersecurity aspect, where while cybercriminals are drawn to the possibility of stealing valuable intellectual property, the risk of criminals physically entering the building to steal goods or data is still very much a threat to an industry that relies heavily both on protecting its bottom line and reputation.
From a cybersecurity perspective, pharmaceutical companies should work to encrypt valuable data, as well as ensuring all staff are equipped with both strong and encrypted passwords to minimise the risk of cybercriminals gaining access to them. When it comes to physical security, pharmaceutical companies should work to enforce high levels of security through access control systems to better regulate and manage the flow of people entering and exiting the building.
Pharm Research Associates Ltd, a research centre that operates across the UK, recently incorporated these ideas into their security plan with the help of the team at Boon Edam UK. Upon evaluating the range of entry options available, the Tourlock, a door with four wings and a one-way weight system was chosen. This allowed the company to better monitor who was entering and exiting the research centre, as well as ensuring no one entered unauthorised due to the Tourlocks biometrics reader, as well as the weight system with a pre-defined weight limit to prevent tailgating or piggybacking.
For more information on how we could help with your security needs, contact us today.