Terra is a scalable and secure cloud-based platform for biomedical researchers to access data, run analysis tools, and collaborate. As further described in the Terra Security Posture, we implement controls at the NIST 800-53 Moderate baseline and select additional enhancing controls where needed using a “pure” information security perspective to prioritize best-of-breed security methods.
However, there are some aspects of these controls that Broad is not able to enforce without your help. Some controls are shared between us and the User while others are fully the User’s responsibility. These controls are called “Customer Responsibilities.” By using Terra, you acknowledge that you are responsible for adhering to these Customer Responsibilities.
1. Customer End User Account Management
Terra is a secure system but Users may access Terra from their own systems (desktop computers, laptops, etc.). It is therefore your responsibility to ensure that those User systems are appropriately secure.
Terra offers optional automatic inactivity logout functionality to Terra Users upon request. This functionality is not offered to Terra Users by default but a User may request that this feature be made available.
Terra is developed by the Broad Institute of MIT and Harvard
in collaboration with Microsoft and Verily.
Terra is developed by the
Broad Institute of MIT and Harvard in collaboration with Microsoft and
Verily Life Sciences.