Need to Know: Control Who Sees What in Your LIMS
By Chris Casper
Laboratory information security is not merely a question of who can access your systems. What you allow people to access once they are in matters just as much. In a previous blog post, we discussed the first pillar of access control: authentication, or the process of verifying user identity. In this post, we will discuss the second pillar, authorization, and explain how to manage user privileges in a LabLynx laboratory information management system (LIMS).
Access control is one element in a larger LIMS security strategy. Download the Guide to Lab Security with a LIMS for a more comprehensive introduction to the topic.
What is authorization?
Once a person’s identity has been confirmed, security systems use authorization processes to grant access privileges to specific resources. A laboratory has authorization policies to control physical access to its facilities. All employees may enter the front door. Only certain employees, however, may access the lab’s Biosafety Level 3 facility.
Laboratories also use authorization to control access to their information systems. Limiting who may access client data, testing workflows, and other laboratory processes minimizes security risks. Stolen passwords and other security breaches will not expose all information the lab stores.
Information security becomes easier to manage when labs consolidate their processes in a cloud-based LIMS. All data and workflows are now in one system, protected by advanced encryption and dedicated security measures. Only those authorized to use the LIMS get user accounts, further limiting access.
Least-privileged access in the laboratory
You can improve the security of your lab’s sensitive information by applying the principle of least-privileged access. Rather than giving people broad access privileges, you restrict their access to the systems and data they need to do their jobs. Consider the many kinds of employees who might work in your lab:
- Customer service staff,
- Laboratory technician,
- Research scientist,
- Research contractor, and
- Accounts payable administrator.
Each person needs access to information and processes within your LIMS, but they do not need access to the same information and processes. Your authorization policies should limit which employees can access which aspects of your LIMS software.
Issuing these authorizations on a user-by-user basis becomes unmanageable and can impact security. Privilege creep is the slow accumulation of access privileges as people move from one job to another in the organization. They get the access they need for their new position but never lose the privileges from the old jobs. As a result, a compromised password gives hackers broader access to sensitive data.
Role-based access control in a LabLynx LIMS
A better way to implement least-privileged access control is by developing role-based access policies. Rather than setting up each user individually, their accounts are associated with access policies for a given role.
For example, your lab’s customer service reps need access to the customer database. On the other hand, your analytical staff may not need to see customer information at all.
With LabLynx’s deep configurability, you can create user profiles that enforce granular, role-based access policies.
LIMS Menu
A hierarchical menu of folders lets users navigate the LIMS browser interface. Depending on your LIMS solution, the entire menu could have dozens of nested folders. Rather than overwhelm your staff with this complexity, you can define which folders each user profile may see.
Users assigned to the customer service profile, for example, would see folders for contact and order management. Laboratory technicians, on the other hand, would only see folders associated with testing processes.
Module visibility
Each folder contains several modules that power your LabLynx LIMS capabilities. You can control which of these modules each user profile may access.
For example, the Sample Custody folder includes a Sample Tracking module and a Storage Locations module. The former is an operational feature where your staff logs the movement of samples in your lab. The latter is an administrative module that defines your lab’s sample storage locations. A laboratory technician profile would only let users see the Sample Tracking module. Only your LIMS administrator would see the Storage Location module.
List screens and detail screens
Each module uses a combination of list screens and detail screens to let users interact with the LabLynx LIMS software. You have complete control over what aspects of each screen users can see or modify. Data fields and controls can be hidden, read-only, or read/write.
When analysts access the Report module, for example, they would see controls for creating and submitting a new report. Only laboratory supervisors would see the controls for approving a report.
Scenarios for role-based access in a LabLynx LIMS
What follows are a few theoretical but realistic scenarios that demonstrate how the LabLynx ELab LIMS effectively manages role-based access in a laboratory.
Floating assignments
Large laboratories with multiple sites may have employees who rotate across locations as staffing needs change. Giving those employees LIMS access for every location seems easier but increases security risk. They only need to use the LIMS resources at their assigned location.
Instead, the lab’s LIMS administrator switches those employees to a location-specific user profile with each new assignment. The employees lose LIMS access at their former location while getting everything they need to work at the new location.
Break-glass authority
The faster IT teams can identify and mitigate a security breach, the less disruptive the attack will be to business operations. Someone on the laboratory’s staff will need access to reports and data within the LIMS. They may also need the ability to reconfigure the LIMS to keep the lab running while networks are offline. Giving someone that kind of access on an everyday basis would be risky. One stolen password would let hackers exfiltrate customer and employee data.
A better practice calls for a user profile with “break-glass” or emergency authority. The lab’s incident response personnel get reassigned to this profile when an incident occurs. They get the full access they need to assist the investigation and recovery efforts. After the incident, they revert to their normal profile with limited access.
Separation of duties
Access controls can separate duties so a single account cannot abuse the system. Laboratories can do this in a LabLynx ELab LIMS by assigning initiating and approving abilities to separate user profiles. Profile-based separation of duties can limit hackers’ abilities to inflict financial damage.
For example, laboratories can get a LabLynx ELab LIMS solution with accounting capabilities. An office administrator profile would allow someone to create a payment but not its approval. The opposite permissions would let the business manager profile approve payments but not create them. Hackers would need to steal login credentials from two employees before they could transfer funds out of the lab’s bank accounts.
In closing …
LabLynx ELab LIMS software solutions offer robust controls over access to your lab’s sensitive data. User profiles with granular access privileges limit the information and processes your staff may access and minimize the impact of stolen passwords and other cyberattacks.
To learn more about LabLynx’s contribution to laboratory information security, download the Guide to Lab Security with a LIMS.
