Overview of Information Security Policy

At GenScript, we are dedicated to securing our systems and protecting data integrity, guided by the core principles of the NIST Cybersecurity Framework and ISO 27001 standards. Information security and privacy protection lay the foundation for corporate compliance and sustainable operations. Our policies ensure robust protection, thorough risk management, and continuous improvement across all our processes.

Information Security Management Organization

We have established an organizational structure for information security comprising the Information Security & Data Compliance Committee, the Biosafety Committee, the Information Security Department, and the IT Department and assessed teams.

Information Security & Data Compliance Committee

Review and approve the information security strategy and goals, facilitate multi-functional cooperation, and coordinate relevant efforts

Information Security Department

Develop risk assessment plans, implement risk assessments, and develop risk mitigation plans

IT teams and assessed teams

Identify information assets and undergo information security risk assessments

GenScript Data Security Policy

Our Data Security System covers the following areas:

Definition
We analyze organizational and industry policies to establish norms for data usage and define what constitutes sensitive data.
Identification
This involves positioning and classifying data according to its sensitivity and defining data protection levels accordingly.
Control
We enforce strict controls throughout the data lifecycle, employing policies and a management platform for meticulous authority oversight.
Supervision
Our systems ensure data is used appropriately within its intended bounds and log any unauthorized data activities for evidence and review.
Practice
We continuously monitor data, adapting our strategies to ensure operational continuity and security resilience.

In 2023, we enhanced our routine information security protocols, rigorously auditing outbound communications and data transactions. This also included improving our channels for reporting information security incidents and mitigating data leak risks:

Optimize the permission management policy for outbound emails, and disable outbound emails by default unless external communication is necessary for work
Minimize privileged accounts that are not necessary for work, and define requirements in the IT System Privileged Account Management Process
Inspect the installation of social media software across the Group, and uninstall software for those who have not applied for permission or whose permission has expired
Deploy a data backup and recovery system to prevent ransomware risks and ensure timely data recovery and business continuity

Incident Response Plan

Our structured incident management protocol includes:

Incident Discovery

Employees are required to report any observed or suspected security vulnerabilities immediately to the Information Security Department.

Security Incident Report

Discovered incidents are promptly reported by the discovering employee directly to the Information Security Department or through designated channels.

Security Incident Response

Our teams collaborate to swiftly address and mitigate any security incidents, minimizing potential impacts efficiently.

GenScript Privacy Policy

As a global biotech leader, GenScript diligently adheres to the laws and regulations governing digital assets and personal data privacy across all the countries and regions in which we operate. A cornerstone of our commitment to our customers is the protection of their privacy. To this end, we have developed a robust customer information security protection system that isolates and desensitizes personal data, thereby preventing any potential data breaches.

Collection

Minimize the collection of customer data

Use

Inform customers of the scope of data use

Deletion

Allow customers to delete personal data

Storage

Ensure safe and stable data storage

Privacy Policy

Our publicly accessible Privacy Policy articulates the foundational principles governing the collection, use, and storage of customer data, ensuring transparency and trust. We process customer data strictly to the extent necessary, minimizing it to what is reasonable and essential for our operations. Moreover, our contracts with customers incorporate specific privacy protection clauses, further securing their personal information and reinforcing our dedication to their data security.

Our ongoing efforts include the publication of the Data Security White Paper, which outlines our comprehensive data security management practices across the business and customer data lifecycle. We also maintain multiple global data storage centers to ensure local data storage compliance and minimize cross-border data transfer risks.

To guarantee exceptional production quality and ensure comprehensive traceability, ProBio has implemented a dual system architecture. This advanced system is designed to fulfill the stringent information security and validation standards required under the Good Manufacturing Practice (GMP) guidelines, applicable globally. This deployment not only optimizes our operational efficiencies but also aligns with best practices in data integrity and security within the manufacturing sector. ProBio has been honored with the prestigious “Emerging Enterprise Award by Supply Chain” from the Harvard Business Review, highlighting our leadership in leveraging technology to enhance our supply chain operations.
