Account Access

  • All users are verified before being allowed access to ERGO resources.

  • We do not store passwords at any time, only their hashes with a salt.

  • All network connections to ERGO infrastructure are actively monitored.

Data Storage and Transmission 

  • All client data is transferred encrypted via HTTPS.

  • All client data is encrypted at rest using a 256 bit AES key

  • All hardware is securely erased using U.S. Department of Defense standards before disposal or reuse.

Data Integrity and Retention

  • All client data is backed up in secured cloud storage, encrypted at all times with AES 256 bit keys.

  • Client data is verified using either md5 or sha1-sum hashes after transfers to ensure data integrity.

  • Encrypted Client data may be transferred to and stored at data centers in Chicago, New York City, or Sacramento.

  • Client data is kept for up to 12 months after expiration of ERGO license or a project.

  • Specific client data can be purged upon client request but may be resident in encrypted backups for up to 3 months.

Employee Access

  • Access to client data is provided through multi-factor authentication.

  • Access is granted by the principle of least privilege based upon job function.

  • Any access to client data is closely monitored.

 Data Centers

  •  Igenbio carefully select our data center partners and ensure they meet the highest standards of physical and data security.

  • All data centers that store client data:

    • 24/7 Security on premises

    • Video security and monitoring

    • Battery and generator backups

    • Temperature Controls

    • Multiple layers of physical security, such as “Man traps.”

  • More specific information about the data centers that contain your data can be provided upon request.