IUCLID (“International Uniform ChemicaL Information Database”) is a software application to store and exchange data about chemical substances. It was developed in the 1990s in Germany, as AIDA the “Altstoff-Informationsdatenbank”, where Mike Penman, during his time at ICI, was involved in its early development.
IUCLID has been used successfully for REACH, CLP, and BPR dossiers in the EU for the last 10 years, with a primary focus on the exchange of common data. There is a growing global interest in IUCLID, with other regulatory bodies considering IUCLID as an effective tool for common data exchange.
I spoke to our System Administrator, Matthew Lowy about the IUCLID hosting work we do at Penman Consulting. Matthew has spent most of his working career in IT and spent the last ten years as a Linux and UNIX administrator in various commercial sectors.
How do we currently assist in the development of IUCLID?
“We reported two issues to IUCLID for the last version (v4.14.1), and they have both been resolved in the most recent update. Firstly, it was possible to change a password on a logged-on session, without any checking that it was a valid operation. This is a security issue, so we were quick to report it.
Additionally, the print feature was not working for single IUCLID documents in the classic interface. We use this feature regularly, so we are glad it is fixed!”
How many IUCLIDs do we host?
“We run nine client systems, in addition to several historic versions. We also have several testing instances which ensures we can troubleshoot problems for any of our clients, no matter the version of IUCLID. The instances run on a Linux platform, using a Derby database installation running on the same server. They are configured to use the latest supported Java and Derby installations. Every client system runs in its own virtual environment as a self-contained instance of IUCLID and database, so all client systems are isolated from each other.
Most of our IUCLID6 systems are the same size (4-core and 8GB memory) apart from one, a Penman Consulting managed consortium, which is twice as large due to the peak workloads that it experiences. The historic IUCLID5 systems are smaller as they are rarely accessed, however we can very easily adjust server sizes (with a short outage) to reflect planned high usage periods.”
What’s our process for setting up a new IUCLID?
“As we host several IUCLID clients already, it is simple for us to set up a new one. Here are the steps we usually follow.
- Create a new empty server.
- Add the server to our chosen orchestration software to manage it as a ‘standard’ IUCLID6 instance.
- Create DNS (Domain Name System) entries for the new server.
- Create SSL (Secure Sockets Layer, an encryption-based Internet security protocol) keys for the new server.
- Allow our chosen orchestration software to complete the application ready infrastructure.
- Install the correct version of IUCLID6.
- Create Legal Entities and user accounts.
- Support the customer to get their data set up in IUCLID.
- Maintain the installation on an ongoing basis, including providing support and training where needed.”
How do we manage security for IUCLID?
“Keeping client data secure is very important to us. The below is not an exclusive list, but here are some of the common ways we make our IUCLIDs secure. We…
- Apply operating system (OS) patches in a timely fashion
- Remove unnecessary OS components.
- Do not allow password authentication to the OS.
- Block root login to the OS.
- Do not allow access via well-known ports.
- Restrict database access to the local host only.
- Set complex passwords for access to the database.
- Monitor unauthorized access attempts and respond appropriately.
- Filter to restrict who may connect to the IUCLID graphical user interface (GUI) (optional).
- Protect customer data against deliberate or accidental destruction by creating backups with a separate provider.
- Invalidate accounts of people we know should no longer be authorized.
All of the above is covered by our ISMS (Information Security Management System) which is ISO27001 accredited.”
If you are interested in our IUCLID hosting or training, please get in touch at info@penmanconsulting.com.