Efento Cloud – GxP compliance

About Efento

Efento was founded in 2016. Since the beginning, we focus on solutions in the field of Internet of Things (IoT), Machine-to-machine communications (M2M) and Cloud computing.

As one of the few companies in the world, we offer an integrated solution for monitoring and analysing various physical parameters, based on wireless sensors (Bluetooth Low Energy and Narrowband IoT) , advanced cloud platform, and mobile applications.

Our products are used by more than 4 000 customers on six continents. Every day Efento Cloud platform receives, analyses and stores over 1.5 million measurements from loggers working on our customers’ sides. Our portfolio contains over 20 types of wireless sensors.

When designing our products, we make sure that both our hardware and software are:

  • Convenient to use – our solutions are designed to make the setup and operations as easy as possible. Unlike the current hardware, our loggers are easy to install and work for a long time without any maintenance by the users. Data collection and analysis software is hosted by us, so customers do not need to worry about setting up, maintaining and updating server infrastructure.
  • Complete – we offer a complete solution for data collecting and analysis including sensors, transmission and cloud platform.
  • Cost efficient – our solutions are designed in a way to be cost effective. Due to simple installation and no maintenance, long battery life, low transmission costs and software hosting in the cloud, the total cost of ownership of Efento products is lower compared to traditional monitoring solutions.
  • Universal – Efento sensors and cloud platform allow users to integrate with any third party solution and enrich their data with the insights that can be get from the wireless sensors

System description

Efento Cloud is a server platform that collects and processes data from Efento loggers. The platform is designed for facilities where from a dozen to several hundred measurement points are monitored, e.g. pharmaceutical wholesalers, cold stores or warehouses. Data can be sent to the platform from any location, and the user has access to it via a web browser.

The system consists of Efento loggers that measure and log various physical values including temperature, humidity, water presence and atmospheric pressure, Efento Gateway, which collects and sends the measurement data, and the Efento Cloud platform.

The server platform is the “brain” of the entire system, that collects and analyses the data, informs users about any abnormalities by SMS or e-mail and allows users to access the data via web browser or mobile application. The platform architecture and hosting are based on Amazon Web Services, which enables flexible scaling of the solution. Every day, the platform receives and processes over 1.5 million measurements from loggers working at our clients’ sites.

All parts of Efento Cloud system, including the cloud platform, Efento Loggers and Efento Gateway, are compliant with the requirements of GxP (Good Laboratory Practices (GLP), Good Clinical Practices (GCP), Good Manufacturing Practices (GMP). All its parts of the system meet the regulatory requirements in the fields of security, data integrity and  have the features required by the GxP regulations.

Key features

Efento Cloud provides users with all the features needed to monitor the environmental parameters in a GxP compliant manner.

Alarm rules

You can define any number of alarm rules and assign loggers to each rule. The rule consists of an input, condition and action, for example: if the temperature rises above 10 degrees, the platform will send an SMS notification to selected recipients. The rules can be configured in any way, e.g. sending notifications to different recipients depending on the threshold being exceeded.

SMS and e-mail notifications

The platform allows you to send notifications to any number of users, both in the form of e-mails and SMS.

Data storage

All measurements from Efento loggers are saved in the Efento Cloud platform. You can access them 24 hours a day from anywhere in the world via a web browser or mobile application. Measurements are stored in the platform for two years.

Locations

Thanks to Efento Cloud, you can easily organise the locations and assign the loggers to them. The platform enables mapping the structure of an organisation in the form of a tree and assigning individual sensors to its branches. The method of grouping is not subject to any restrictions, you can use a geographical division (e.g. Country -> States -> Cities -> Facilities), functional (e.g. Type of facility -> City -> Exact location) or other, better suited to your organisation.

Permission levels

For organisation users, you can create accounts for administrators who can configure the system (e.g. edit alarm rules, transfer sensors between locations, add new users), managers who have access to data and the ability to edit some settings (e.g. alarm rules) and analysts, who only have access to the data without the possibility to edit any settings.

Access to your locations

In addition, the rights may be granted to individual locations, thanks to which a person from “Branch 1” does not have access to data from the loggers working in “Branch 2”.

Maps / floor plans

You can assign a map or a room plan to each location and place loggers on it. Thanks to this, you can quickly see where the logger that measured the high temperature is located. The map also shows the status of the loggers with the possibility of filtering them.

Reports

Measurements from a selected period of time can be exported at any time in the form of a report (pdf and csv). What’s more, Efento Cloud allows you to automatically send reports to any email address with a selected frequency (e.g. once a day, once a week, once a month).

Charts

Data from any period of time can be displayed in the form of a graph, so you can quickly check whether the set alarm thresholds have not been exceeded

History of events

All events such as the occurrence of alarms caused by exceeding the alarm thresholds, loss of communication with the logger, return of measured values ​​to safe ranges are saved in the system and after logging in, you can quickly restore the list of events along with the dates and times of their occurrence.

Loggers statuses

Efento Cloud enables quick and convenient filtering and sorting of loggers. You can filter loggers by name, serial number, measurement type or location. In addition, you can quickly filter out inoperative loggers, loggers with low battery level or loggers turned off.

Audit trail

All changes and operations performed by users in the system are recorded in the audit trail. Thanks to this, administrators can see all changes within the system (including adding / removing a logger, changing alarm rules, adding / changing user permissions) along with information when they were made and what user made them.

Data security and integrity

Efento Cloud and Efento devices have been designed to provide full data security and integrity at each step. When designing communication protocols and ways of storing the data, we perform risk assessments to make sure that measurements, configuration and other data, which is crucial in case of GxP, is secure and no information is missing. As a result, the Efento Cloud system provides high reliability and data integrity.

Data completeness

  • Each Efento logger is equipped with the memory of the last 40,000 measurements. Efento gateway has a memory of 1,000,000 measurements, shared equally between the loggers it works with. In the event of a temporary loss of connectivity or power, the missing measurements will be automatically resent to the platform from the gateway or loggers’ memory.
  • In critical situations, it is possible to directly read data from the loggers or Efento Gateway memory.

Security of data transmission

  • At each stage of communication, the data transmission is encrypted, which makes it nearly impossible to capture and / or modify them (“man in the middle” attack).
  • Communication between the loggers and Gateway can be encrypted using AES 128.
  • Communication between Efento Gateway and the Efento Cloud platform is based on the HTTPS protocol with TLS / SSL. TLS ensures the confidentiality and integrity of data transmission as well as server and client authentication. It is based on asymmetric encryption and X.509 certificates.
  • The server-browser communication (access to the platform by the user) takes place using the HTTPS protocol

Security of data storage

  • The Efento Cloud platform is hosted on Amazon Web Services servers (data centres in Frankfurt and Dublin). All data of the platform users are stored in the territory of the European Union
  • Amazon Web Services servers are GxP (Good Laboratory Practices (GLP), Good Clinical Practices (GCP), Good Manufacturing Practices (GMP) compliant. More information
  • The IT infrastructure that AWS provides to its customers is designed and managed in alignment with security best practices and a variety of IT security standards including the following: SOC 1, 2, 3, ISO 9001 / ISO 27001 / ISO 27017 / ISO 27018, HITRUST, FedRAMP, CSA Security, Trust & Assurance Registry (STAR)
  • Data and settings backup is performed automatically once a day and is stored for 30 days from the date of execution. The backups are always stored in a data centre located in another geographical location than the main database.
  • The data is stored in a database cluster, which ensures its consistency. Data on the platform is stored for a minimum of two years.
  • The stability of Efento Cloud’s work is supervised by a team that watches over the correctness of the platform’s operation 24/7.

Data access security and data integrity

  • The Efento Cloud platform provides three levels of access:
    • Administrator – access to data, the ability to change settings, the ability to edit users,
    • Manager – access to data, the ability to change settings,
    • Analyst – access to data.
  • Users (regardless of the authorization level) have no access to the database and cannot edit the measurement data.
  • In the process of transmitting measurements and saving them on the platform, the security mechanisms introduced (encryption and identification of the device they come from) make it impossible to edit measurement data or send them via an unauthorised device.
  • Measurement reports can be generated as non-editable files (PDF). It is possible to verify the reports by the re-generation of a report from a selected period of time by the inspection body

Security – responsibilities on the customer’s side

Please note that part of the responsibility of data security is on the customer’s side. Efento Cloud provides a set of tools that allow them to control the access to the data and platform features within their organisation. It’s the customer’s responsibility to assign proper permissions for each user that has access to their data and introduce policies within their organisation that prevent potential data leakages / manipulation caused by the human factor. Customer’s responsibility includes, but is not limited to: setting strong passwords to Efento Cloud accounts, changing default passwords on Efento Gateways and managing access permissions to Efento Cloud.

Software development

Software development process

Software development process is standardised and used by all teams that develop Efento software, no matter if it’s Efento Cloud, Efento mobile application or firmware used by Efento embedded devices. Software development flow always requires the following steps:

  1. Defining the requirements and work planning – at this stage, a project team consisting of programmers, business analysts and product owners define the requirements for the features that will be implemented in the software. Once the requirements are defined and written down, tasks are divided between the development team members along with the estimation of the workload required to develop each feature. The adopted software development method allows the team to control the quality of the development process, as the features developed in one cycle can be easily and quickly tested to check, if the software works properly and if the newly developed features works as defined by the requirements.
  2. Development – at this stage, the features defined in the previous step are developed. Each of the features is integrated and tested with the entire application on an ongoing basis. During the development and integration of the application, unit tests of individual software components and an integration test are developed. The project team meets periodically to discuss the current progress of work, emerging problems and the compliance of the developed functionalities with the design assumptions / requirements. The result of this stage is a software in the test version with implemented features defined in the first stage. The software is built and marked as the test version. It is impossible to update the production software with the test versions of the software.
  3. Testing – At this stage, Quality Assurance team (separate from the development team) starts the tests of the software based on the defined test cases. Majority of the tests are automated by the QA team, some are performed manually. There are two types of tests that are performed at this stage:
    1. System testing – testing conducted on a complete integrated system to evaluate the system’s compliance with its specified requirements. System testing takes, as its input, all of the integrated components that have passed integration testing.
    2. Acceptance testing – Formal testing with respect to user needs, requirements, and business processes conducted to determine whether a system satisfies the acceptance criteria defined during the requirements development to determine whether to accept the developed features.
  4. Release – once the software is tested, a new version of software is released and available for the users.

Code pathway

Efento uses a standardised code pathway, used by all teams that develop Efento software, no matter if it’s Efento Cloud, Efento mobile application or firmware used by Efento embedded devices. This process is executed for both new code and changes to an existing codebase.

  1. Developer writes the code in an approved and standardised integrated development environment.
  2. Once the feature is finished, the code is deployed in a repository and assigned to another developer(s) for code review.
  3. The code goes through a code review in which at least one additional developer reviews the code and approves it. The list of approvals is stored in a log that is retained within the code review tool.
  4. The code is then built from source code to the appropriate type of deployable code package (which varies from language to language) / software package in an internal build system adjusted to the specification of the software which is being developed.
  5. After successful build, including successful passing of all unit tests, integration tests and static code analysis the code:
    1. gets pushed to a test environment (Efento Cloud software)
    2. is built as a software package which may be deployed on a particular device type (Efento sensors software, Efento gateway software, Efento mobile application)
  6. The code goes through automated integration and verification tests in the pre-production environments and upon successful testing the code is pushed to production.

Change management and issue tracking software

Every change in Efento software (both new features or modifications of the existing ones) goes through the same Software development process. Efento uses an issue tracking tool that stores the information about the requirements, tasks, tests and bugs. This provides us with full visibility of the software development progress, allows us to control the test coverage and track all the changes between the software versions.

Hardware

ISO 9001

All Efento devices are produced by subcontractors who have implemented a Quality Management System based on ISO 9001 norm. We constantly monitor our subcontractors and check if they have implemented the QMS and have a valid ISO certificate issued by a Certification body.

Devices production and testing

Production documentation

Production process of all Efento devices is standardised, documented and monitored during all stages. Information about each production batch is stored in a tracking system that provides us with full traceability of every single device.

Testing

Efento devices are subject to tests, performed during the production process. The tests include:

  • AOI testes – for every produced device,
  • AXI – for the few first batches (performed to verify the machines settings, soldering profiles, etc.),
  • Self test – Self test is a part of the production process to ensure the quality of Efento’s devices. Self tests are triggered automatically once the device’s production is fully finished (device is assembled and programmed with the software). Self test scenarios depend on the type of the device which is being tested. The test scenarios include:
    • Checking communication with cellular modem and SIM card (only devices equipped with the cellular modem)
    • Checking communication with flash memory
    • Checking measurements from each installed sensor
    • Checking the status of the button on the PCB
    • Checking processor status
    • Checking Bluetooth communication
    • Checking, if the device was programmed (flashed) properly

On top of that, during the tests, detailed information about each produced device is gathered and stored in the production report file along with the test results. Production report contains information about: modem’s IMEI, SIM card ID (if the SIM card is inserted / soldered at the time of production), modem version, modem firmware version, Efento’s software version.

Certificates of compliance with EU requirements (CE)

All Efento devices are compliant with the requirements included in the relevant Community standards. The devices have been tested by an external laboratory and meet the requirements of the Radio Equipment Directive (RED) 2014/53/EU, Including the Health and Safety, EMC and Radio requirements. The CE certificates for all types of the devices are available in the Support section of Efento website.

Calibration certificates

Efento temperature and humidity loggers can be delivered with calibration certificates meeting the requirements of ISO / IEC 17025. We cooperate with Ilac / MRA accredited laboratories, which can perform calibration at any points in the range -196 to 150°C and 0 to 94% RH. All measuring devices used in the calibration process are calibrated with reference to the standards of the Central Office of Measures. The calibration certificate has no expiry date, it is only a confirmation of the accuracy of the calibrated device at the time of testing. Calibration is additionally charged service.

Validation

The system has been validated according to the requirements and the guidelines of GxP. On customer’s request, Efento can provide the description of the test cases (IQ, OQ, PQ) for self validation after the implementation of Efento Cloud system in customer’s premises.

You can download this article in PDF

Newsletter November 2024

Efento Cloud - 6-Year Data Retention
We’re extending data retention on Efento Cloud to 6 years, now covering all sensors - new and existing - at no extra cost.
Bluetooth Low Energy - LTE Gateway
Our new LTE gateway is now available, compatible with all types of Efento Bluetooth Low Energy (BLE) sensors. It transmits data directly to Efento Cloud or any other server of your choice.
Efento Cloud: Update
Efento Cloud just got a feature-packed update! Key improvements include customizable platform themes, the option to compare data from multiple sensors on a single chart, and SIM card management for NB-IoT sensors.
New release: Thermocouple Logger
Efento has introduced a new thermocouple logger in the NB-IoT range, compatible with probe types B, E, J, K, N, R, S, and T.
Vaccine Temperature Monitoring - Vietnam
Discover how our partner in Vietnam implemented a vaccine temperature monitoring system in a public hospital.

Subscribe to our Newsletter