Data and Application Security

Because of the proprietary and sensitive nature of our customer’s research data, we have designed and developed Climb with privacy and security in mind from the ground up. We understand the importance of keeping your data secure and are committed to utilizing industry-standard best practices in application development, maintenance, and hosting.

We put significant resources into reviewing and improving the security and privacy of the Climb system components so we can maintain the high level of trust that our customers expect. Download our Security White Paper to learn more!

Data Assurance

We understand our customers use Climb to store and manage sensitive, critical data and we consider the confidentiality of your data to be of the utmost importance.

The Climb application has been built with data security in mind, including features such as:

  • Each Climb workgroup is provisioned with a standalone database containing only that workgroup’s data
  • Automated data audit logging provides an audit trail for all data changes in support of regulatory compliance
  • Accessible only via secure protocol, so all data transmitted between the Climb database and the browser is encrypted

Secure Cloud Provider

Climb is hosted by Microsoft Azure, providing a secure and reliable server infrastructure and resource management service. Microsoft’s advanced data centers utilize state-of-the-art survelliance, access control, and 24 x 7 x 365 security monitoring.

Azure provides the most comprehensive set of compliance offerings (including certifications and attestations) of any cloud service provider, including:

  • ISO 27001 certification
  • FDA 21 CFR Part 11
  • Annual SOC 1 and SOC 2 audits
  • FedRAMP

Service Uptime and Disaster Recovery

Climb and the Azure platform have a 99.95% uptime to minimize disruptions to your workflow. Automated database backups allow point-in-time restore to within 15 minute intervals going back 30 days.

Real-time geo-replication of all data protects against lost research caused by regional disasters.

  • Application resources are monitored constantly and the RockStep technical team is alerted if issues arise
  • Threat detection alerts administrators of unusual activities that may compromise data privacy or integrity

Access Control

Along with industry best-practices for authentication and authorization, Climb allows administrative users to define user roles in their workgroup. Each role may be configured to have a custom set of access privileges to application functionality.

  • Roles can provide no access, read-only access, or read/write access to each set of application functionality
  • Single Sign-On (SSO) available
  • Integration with enterprise authentication systems
  • Data are encrypted in flight and at rest; optional user managed encryption keys

Ready to learn more about how Climb can help your lab get more science done?