Skip to content

Keeping spectrometers secure and research data accessible

Keep your spectrometers in a secured and isolated network, while easily managing and securing access your scientific data.

Managing research instruments can be an onerous and trying task, especially when it comes to keeping the instruments and the experimental data safe yet accessible. Instruments need to be protected from external malware and other interactions such as undesired automatic updates. Consequently, one challenge is preventing the instruments from communicating with the outside world, while at the same time giving specific and tailored data access to lab people or collaborators.

Create an isolated network to secure your research instruments

Limiting the device’s access to a specifically defined user group is not that hard. This can be achieved by e.g. limiting network access to a specific group of PCs (via a defined IP range), in addition to enforcing user authentication when trying to access an instrument. While this approach keeps the instrument and data safe from undesired external access, it does not keep the device from communicating with the outside world. In surprisingly frequent cases, updates to an instruments operating system need to be avoided, because the instrument’s driver and controlling software is only supported on very specific (and often outdated) versions of an operating system.

Here, external access can be prevented by isolating the research instruments from the web. However, as a consequence, the users are at the same time prevented from accessing and downloading their data. It is due to these kind of scenarios that a surprisingly high number of scientific groups still need to utilise a USB stick to transfer data from one PC to another.

Access your data via LOGS

Fortunately, there is a way to place the instruments in an isolated network, yet at the same time give users access to their data using internet access. A separate network for the research instruments can be maintained, and a safe connection to the lab network and possibly the internet provided using a central LOGS server featuring two network interfaces (see figure). This way there is no direct communication between both networks, while the LOGS server still has access to both networks. With this solution, the research instruments and data are safe, while allowing users to access and work with their data via the LOGS web interface.