Artwork Management? On the Cloud, please

Photo by Massimo Botturi on Unsplash

If you follow the news, you will have heard of the cyber attacks that many pharmaceutical companies suffered in since a few years. The pandemic, and the sheer need to work from home and for employees to remotely access their valuable data, left companies that were not well prepared for this change in terms of security measures, highly unprotected for these schemes.

Besides the obvious consequences of data loss, and potential stolen intellectual property, there are other larger results like job losses and regulatory fines. However, companies’ reputation and brand can be also affected. According to this Forbes Insight report, 46% of organizations had suffered damage to their reputation as a result of a data breach.

One of our customers was the target of such cyber attacks in 2022. A lot of their data which was sitting in internal servers was compromised, affecting several areas within the company. Employees could not access data for days, and loss of information was experienced. Luckily, the Artwork and Regulatory teams were dealing with their packaging designs using our cloud-based Artwork Management System, so they could continue working normally and no data was lost for them.

Even though the Artwork Management Software Market Share is Expected to Grow at a CAGR of 9.0% 2022 to 2028, using Cloud technologies is not always a given for Life Sciences companies. Many of them do not consider a SaaS solution when looking at a change on their artwork management system, and insist on having it installed in their own servers. The main reason for this is that they consider they can have a better control on the application, and they believe it will be more secure.

Wrong.

More secured?

Cloud service providers offer heavy physical security measures to protect their data centers: advanced security systems, including biometric authentication, surveillance cameras, or 24/7 monitoring. They also have redundancy in place to ensure that data is not lost due to natural disasters or other events. Providers will also hire security professionals solely dedicated to ensuring that their infrastructure and services are secure; and since they have access to the latest security technologies, adapting to new threats is very quick.

More control?

When it comes to “having more control” over the solution, the reality shows that, often, organizations rely on manual processes to detect any unusual activity, which can be time-consuming, prone to errors, and too late when a serious problem occurs. Cloud service providers on the contrary, have continuous monitoring in place to detect any unauthorized access or unusual activity. They use advanced security technologies such as intrusion detection and prevention systems, firewalls, and access controls. And they have the time and resources to continuosly do security audits and vulnerability assessments to identify and address any weaknesses in their infrastructure.

Furthermore, on-premise solutions may not be updated regularly, leaving them vulnerable to new threats. When updates do occur, systems often need to be shut down for a period of time, and users are not allowed to log in until the changes have been implemented and tested on the production environments. Cloud solutions are constantly being improved, and most changes do not require a full stop of system usage, as often new releases can be done within a few minutes and are transparent for the common user. This, in consequence, means that updates on cloud solutions tend to happen on a more regular basis.

One other set back for on premise solutions is that organizations may not have the resources available to scale up in case of increased usage or large growth, as this requires investing in additional own hardware and infrastructure for which one may not have the money or the floor space for! In a cloud environment, one can quickly add or remove storage capacity based on requirements without needing any extra space, and at a fraction of the cost of own infrastructure.

Considering all the above, we believe – and hope that we have also given you enough reasons to believe the same – that Cloud solutions are a better, more flexible and economical solution for companies looking at updating their Artwork Management platforms.

Our solution, Twona, is a SaaS solution, and hosted in the cloud. We review the infrastructure underneath it regularly, to make sure it is upgraded to the latest at any given time, and constantly work on ways to improve our solutions performance based on these. And, if you still need some more reassurance, I would like to add as a final notes that at Twona, we have a recovery protocol whereby in a matter of hours, we are able to replicate our set up and get our clients functioning again.

Two Factor or not two factor … that is the question

Image created with Midjourney

Did you know that there are almost 1,000 attempts to hack account passwords every single second?

That is 1,000 now

… and 1,000 now,

… and 1,000 now.

In today’s world where cyber threats are on the rise, companies must prioritize the protection of their data and systems. Implementing a Two-Factor Authentication model is a sensible way to make sure that your tools, data and information are secure.

So, what is Two-Factor Authentication?

Two-Factor Authentication (2FA) is a security process that requires users to provide two forms of identification to access their accounts. You can see it as an extra layer of security that makes it harder for hackers to gain access to sensitive information such as username and passwords, as well as critical company data.

Why should you use a 2FA process?

Here are a few reasons why it may be important for your company to consider this option:

  1. Enhanced security

    2FA adds an extra level of security to the login process. With it, in order to access an account, a hacker would need to have both the password and the second factor (a one-time code sent by email, phone, or generated by an authentication app). This makes it much harder for a hacker to gain unauthorized access.
  2. Prevents account takeovers

    Account takeovers occur when a hacker gains access to a user’s account and can cause significant damage to the company’s systems, data, and/or its reputation and brand image. With 2FA, even if a hacker obtains a user’s password, they will not be able to access the account without the second factor.
  3. Meets industry standards/ requirements

    This may be one of the reasons why many companies are implementing a 2FA protocol. For industries with very strict requirements (or even regulations) regarding data security, companies may be required to use 2FA to be in compliance.

    By using 2FA, companies can demonstrate their commitment to data security and avoid potential fines and penalties for non-compliance.
  4. Easy to implement

    2FA can be easily implemented for most systems and tools, and many already have built-in 2FA options. In many cases, users simply need to enable 2FA in their account settings, and they’re good to go!
  5. Improves user trust

    By using 2FA, companies can show their customers, users, and partners that they are committed to protecting their sensitive information. This can build trust and improve customer satisfaction, as users will feel more confident that their information is secure.

Are you in charge of making these decisions, or at least, of bringing the discussion around it in your organization? A word of warning for you then: It is possible that some users would be a bit against the implementation of 2FA, as it requires an extra step. Imagine that because some users decide that taking 2 extra seconds to verify a code on their email is too long, and this protocol is not implemented, and this user’s computer gets hacked and access to your data is obtained. Was it worth it? I bet it would not be. As the saying goes… it is always better to be safe, than sorry.