Uncountable supports organizations with diverse needs for both broad and restricted access to data. Using Role-Based Access Control (RBAC), permissions can be customized by department, project, experiment, and more, allowing administrators to define exactly who can view or edit specific data.
RBAC ensures:
- Granular access control across projects and experiments.
- The ability to restrict confidential projects to defined groups.
- Permissions assigned based on user groups and license types.
Global Access and Integration
Global Access
Uncountable provides consistent performance worldwide. Users in regions such as Europe, North America, APAC, and South America share the same database, supported by technologies like AWS Global Accelerator and Content Delivery Networks (CDNs) for optimized cross-region load times.
Integration Access
For researchers and data scientists, Uncountable supports:
- Custom file exports of experimental data.
- An Open API for direct data queries into third-party tools.
- The ability to develop custom APIs to integrate with internal systems.
Platform-Level User Restrictions
User Access
Access is determined by:
- User Groups — Define permissions for projects, experiments, and materials.
- License Type — Controls which platform features (e.g., visualization, AI/ML tools) are available.
Role-Based Access Control (RBAC)
- Users are grouped with defined Read/Write permissions.
- Access can be limited to inputs or outputs only.
- Best practices include encryption in transit and at rest, and strict “need-to-know” access.
Access Configuration
Admins can:
- Manage RBAC, field options, and workflows through administration views.
- Sync user groups with existing roles using SCIM.
- Configure access at multiple levels (department, project, experiment).
License Types in Uncountable
Uncountable offers four main license types designed for different roles in R&D environments:
| License Type | Capabilities |
|---|---|
| Read-only | View ingredients, recipes, properties, dashboards, and activity. Cannot analyze or manipulate data (no specs, visualizations, notebooks, reporting, or predictive tools). |
| Basic | Store and search recipes, manage inventory and equipment, handle lab requests, export data, and use notebooks (ELN) and reporting tools. Note: Basic users can view Visualizations saved to Notebooks by Pro users. |
| Pro | Includes all Basic features, plus: analyze experimental data using visualizations and charts, manage experiments, and create Visualizations. |
| Advanced | Includes all Pro features, plus: predictive AI tools (custom models, suggested formulations, surface visualizations, and design experiments). |
Platform Features and Access Controls
Identity and Access Management
- Configurable controls allow tenant-specific security and compliance settings.
- Supports Single Sign-On (SSO) and Multi-Factor Authentication (MFA).
- Permissions can be extended to external users securely.
Records and Audit Logs
- Built-in audit logs include authentication and user activity tracking.
- Logs can be integrated with tools like DataDog or Splunk for detailed monitoring.
Additional Access Features
- Exemptions and Approvals: Permissions can allow managers to approve or override.
- Tagging: Classify projects (e.g., “confidential”) to control access.
- IP Restrictions: Enforce IP-based controls for subsidiaries.
- Electronic Signatures: Supports 21 CFR Part 11 and Annex 11 compliance.
Data Access Security Measures
Security and Privacy
- Annual external audits ensure compliance with ISO 27001 and SOC 2 Type II.
- Aligns with GDPR, CCPA, and standards like NIST and C5.
- Implements Zero Trust policies and multi-factor authentication internally.
Infrastructure Security
- Hosted on AWS, with network segmentation, firewalls, and traffic monitoring.
- Isolated production environments safeguard against external threats.
Threat Detection
- Proprietary threat models and high-fidelity alerts support rapid response.
- Continuous monitoring includes penetration testing and red-team exercises.
Disaster Recovery & Backups
- Continuous database backups with 35-day snapshot retention.
- Binary data (e.g., images) stored in version-controlled blob storage.
- Annual disaster recovery drills ensure 10-minute RPO and RTO targets.