When trying to safeguard information at a high level, such as digitized DNA, I would first look to assess or identify the lab to understand what functions are being used and the risks that come with them. Doing this would allow us to firmly acknowledge the goals of what the lab needs. Once the lab’s mission is understood, the next objective would be coming up with strategic decisions on the perfect program. At this point, I would communicate and collaborate with the team to produce the most secure program. After this, I would create a current profile to find the most used categories/subcategories and mark down whether they are being used entirely, partially, or not at all. By creating this profile, we would understand where our vulnerabilities are, and we could target and assess them to gain extra strength in our security. Conducting risk assessments casually would lower the probability of an attack and better help us identify risks.
Though everything would be done as a team, assigning a risk manager would give the team direction when it comes to this mitigation plan. The risk manager would put plans in place in case something were to go wrong, identify threats, and decide how to manage risk. The risk manager would also commonly communicate with the team about the efficiency of the current plan and determine what would be a good plan going forward.
Knowing who is going in and out of the lab can be a great first step to securing it. Along with keeping track of who goes in and out, there should also be a list of those who are allowed. Arrivals and departures should be logged, along with the equipment each person uses, to track any damage that happens. The next step would be using biometrics to admit those who were given access. Doing this would make sure that those who are allowed on site are also the person on their tags. Lastly, these labs could use third-party cloud storage for each level of required security needed for all data.