Loved by 1000+ lab scientists and operators around the world

Scispot is built on Amazon Web Services, leveraging AWS's world-class secure data centers (certified for ISO 27001, SOC 1/SOC 2, etc.). This provides a strong foundation with physically secure facilities and robust network protections.

Our security team uses automated threat detection and logging (via AWS CloudTrail/CloudWatch) to monitor for malicious activity. We maintain a proactive alerting system and conduct regular security audits and penetration testing to quickly address any vulnerabilities.

Scispot provides fine-grained, role-based access control. Using AWS Cognito and IAM, each client organization has a dedicated user directory, so you can grant admin-level or read-only access as needed while enforcing least-privilege principles. Features like two-factor authentication and SSO integration are supported to further secure account access.

Increase data protection and meet your organization's most critical compliance needs with Scispot's 21 CFR Part 11 GxP Compliance Suite. Support FDA and EU compliance requirements with tamper-proof audit trails, electronic signatures, and validated workflows.

We design our architecture for high availability, capable of supporting labs of any size without performance degradation. Scispot's cloud-native infrastructure automatically scales to handle your workload, whether you have 10 or 10,000 users. We back this with enterprise-grade uptime commitments.

Scispot maintains robust disaster recovery and business continuity plans. We define Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) for our services and design systems to meet them. Automated backups across regions and rapid failover protocols minimize downtime and ensure critical data can be recovered with minimal disruption.

We provide robust admin-level controls so you can govern your data access and usage. Role-based access control allows you to restrict sensitive data to authorized personnel only. Every user action is tracked with immutable audit trails and activity logs, giving you full visibility into who did what and when.

All customer data in Scispot is considered sacrosanct – it never leaves your Scispot instance without your consent. We never use customer data for our own purposes (such as AI training or analytics) without permission. If you ever need a copy or decide to leave, you can export all your data in industry-standard, compliance-friendly formats.

Scispot employs strict tenant isolation – your lab's data is stored in a dedicated database schema and completely isolated from other customers. By default, data is hosted in North America, but we accommodate data residency requirements: EU customer data can be stored and processed in EU regions to meet GDPR and local regulations.

Every new feature at Scispot goes through a privacy impact assessment. We build with privacy-by-design, meaning features like Scispot AI were architected so that customer data is not shared or used outside your account context. If you choose to enable AI capabilities, they operate within your secure environment, and you can turn them off at any time.