Threat Vulnerabilities Life Sciences Companies Will Face This Year

lab-worker-hazmat.jpg

Security vulnerabilities at life sciences production facilities can lead to true disasters. Workers are obviously at risk, but thanks to the nature of their business, the physical health of a company's customers is also at risk. When a company serves millions of customers via the production of a medical product or drug, the threat is clearly extreme. Needless to say, life sciences companies are implementing every possible measure to ensure that their products and facilities are not contaminated. Contamination, whether accidental or intentional, is just one type of threat that pharmaceutical companies must guard against. Not the least of which is the protection of intellectual property.

Threats Life Sciences Companies Must Face

Of course, all companies also need to watch out for more standard threats, such as those posed by typical thieves, disgruntled employees, vandals, and the like. The wide variety of threats faced by life sciences companies mandate a multi-pronged approach, well beyond simply putting locks on the doors.

Counteracting Physical Threats

One of the biggest threats faced by those who produce pharmaceuticals and medical equipment is that of product contamination. Typical methods of countering this threat include interlocking doors whereby one door does not open until one is closed, requiring all entrants to wear HAZMAT suits, and carefully cleaning every item that comes into the facility.

Items that can't be cleaned in the typical way are either cleaned with an alternate method or enclosed in plastic to seal them off from the rest of the environment. With efficient and specialized programs in place, the chance of accidental contamination can be significantly mitigated.

Facilities must also protect themselves from intentional contamination of their production lines or outright assaults to their sites. Terrorists may target a production environment because a medicine or vaccine maker's products are widely distributed and can have a significant negative outcome if the products are successfully tampered with and then distributed. Mass contamination would be a disaster. Therefore, a good security program will have plenty of active measures for preventing unauthorized entry into all sensitive areas.

Some of the technologies used include 24/7 third-party video monitoring, on-site video surveillance, dual biometric identity authentication, license plate recognition, inter-locking "lock-out" doors and the use of motion sensors.

It is also important for life sciences companies to remember that not all contamination involves walking into a lab, or a mixing machine and introducing something foreign and potentially deadly into the manufacturing process. Airborne contamination is a very serious risk as well. Because of this, airlock-style doors, extreme filtration on vents, and other such measures are needed.

While terrorists get all the press, it's important to remember that many threats come from people who have no affiliation with terroristic organizations. Instead, disgruntled employees, or people with dangerous mental problems, may attempt an attack the on plant for a variety of reasons - often their reasons are domestic based and are not directly targeted at the firm - even though they and their consumers bear the brunt of the damage. To counteract threats of this nature, people need to be physically screened as they enter the facility and their credentials checked using reliable methods.

Such attacks usually do not involve the planning of sabotage, but the absence of such planning can make preventing these events even more difficult. It is harder to stop these types of events because the perpetrators may be known to plant employees and assumed to be friendly. The majority of crimes are actually prevented while they are still in the planning phases as it presents a period of time for information "leaks" to be detected. Impromptu events have no such planning windows.

Security personnel should be trained to never assume someone is beyond reproach and to remain vigilant even with employees who have been with the company for nearly 30 years. Strict protocols must be followed in the life sciences industry, as the cost of failed security is much too high. Awareness campaigns and training should head off any employees being offended, or feeling like they aren’t trusted.

Protecting Against Corporate Espionage and Data Leaks

Espionage is often harder to combat than contamination because it's never an accident. Life sciences companies have to be proactively protecting their assets and information.

It’s not uncommon for a laptop or mobile device to go missing. Whether stolen or lost, they serve as a very real threat to sensitive information.

Several things can be done to counter this threat. A simple precaution is to restrict the use of company computers to certain rooms and have security personnel prevent people from taking the machines out when they leave the designated area.

Unfortunately, even the best guards can miss it when someone slips a small item like a laptop or tablet underneath clothing. Therefore, it's good to add layers of higher technology to the effort.

Even with the best physical security measures in place, it's still possible for spies and hackers to bypass security. When the physical security is ironclad, breaches can be accomplished through social engineering. With this method, the spy will basically con someone into giving up a password or even handing over a device. Therefore, it's extremely important to train all personnel to stick to the established protocols – no matter how good, or tear-jerking, someone's story may be.

By implementing a wide variety of tough security measures, life sciences companies can mitigate the risks associated with all of the common threats they face. While it may seem costly to put all of these different measures and high-tech options into action, the cost of not doing so is far worse.

Proactive Security Measures are Best

If even one batch of medicine, vaccines, or other products gets contaminated, the FDA will require the entire factory to be shut down until it can be absolutely certified as sterile and production-ready once again. This can take months on end and cost a company millions (if not billions) of dollars in lost revenue and remediation.

Even worse, if a contaminated product slips out into the market, people can be sickened, or killed, when the product is used. The obvious human cost isn't the end of the problems when this happens. Expensive class-action suits can follow.

For most life sciences companies, security is already a high-priority issue. However, in-house talent may be limited in their knowledge of new and emerging threats. A trusted advisor on the subject matter expert should be consulted, and comprehensive physical, technical and risk assessments - followed by a gap analysis - should be done at regular intervals. Threats are constantly evolving and the solutions to meet these threats need to be updated with the same frequency.


ebook-modern_enterprise_3d_cut.png
FREE EBOOK

The Modern Enterprise

Security is more than keeping employees and physical assets safe. In today's rapidly changing world, we need to understand the latest threats to enterprise security.

modern-enterprise-security


Author:

Taylor Carr (Linked In, Twitter, Facebook) -