Through the MeluXina supercomputer, LuxProvide offers companies a range of opportunities to generate business value from their data. However, making sensitive or confidential data available for processing by an external organisation often raises a number of questions. Who will be able to access my data? Will any competitors working with MeluXina be able to find out what type of operations we are running? What will happen to my data when the project is over? How likely is it that the data processed by the high performance computer (HPC) will be hacked?

Security has been on top of our agenda since the very start of the company.

Ismail Guennouni, Chief Information Security Officer at LuxProvideFor LuxProvide, it is a top priority to ensure that prospective and actual customers can feel reassured regarding all security matters. “Security has been on top of our agenda since the very start of the company,” says Chief Information Security Officer Ismail Guennouni. “We are integrating a security dimension into all the aspects of our activity: services, customer integration, the separation of different customer environments, and so on.”

Adopting a supercomputer security standard

In December 2022, LuxProvide reached an important milestone by becoming compliant with the internationally recognised ISO 27001 security standard. “The ISO certification provides a framework for continuous improvement which we are using to ensure that our security level is constantly increasing,” Mr Guennouni explains. With the certification as a basis, the high-level security rules are continuously improved and adapted to the current usage, for example by defining who has access to the server room, how the identity management of employees, customers and providers is handled, and so on.

The communication channels used to transmit data are encrypted by default.

Strong identification measures are crucial. “We address multiple target groups: private companies just as well as engineers and scientists who are used to working in an HPC environment. Processing company data will, in many cases, mean that the supercomputer holds their trade secrets, and we need to make sure that our level of protection is top-notch. Our user identification and multi-factor authentication processes will ensure that any transfer of data or access to MeluXina is done by the right person. The communication channels used to transmit data are encrypted by default.”

Each customer will have the option to process its data in a restricted environment, without any possibility to spot other users or their operations. LuxProvide fences user environments and applies a high level of monitoring, to ensure an elevated degree of availability, integrity and confidentiality of user data on the MeluXina platform. A particularly high level of control is also implemented for external service providers who support the system’s operation.

Protection against attacks

Protecting MeluXina against cyberattacks by monitoring risks and protecting the HPC environment is obviously crucial. “We are putting a maximum of measures in place to reduce our exposure to attacks, but a zero-risk level does not exist,” Mr Guennouni points out. “We also need to find the right balance between security measures and usability. If you make your systems extremely secure it is hard for attackers to get in, but using them also becomes very complicated for customers and staff. If we go too far, the risk is that customers turn to other, less secure HPC centres that are easier to use.”

In the event of an attack, the first step to take is to rapidly become aware of the attempt and have processes in place to find out whether the breach was successful or not and how far the attacker was able to go. “If a breach happens, our customers will be notified directly. We also constantly keep ourselves updated about software vulnerabilities and make sure that we implement the security patches as soon as they are released.”

Limited data retention

All data processed by MeluXina is stored at LuxConnect’s tier IV datacenter. However, hosting confidential company data with an external organisation is a sensitive issue, something Mr Guennouni is well aware of after having worked with security for over 15 years mainly in the banking sector. “The availability of data will follow the lifecycle of the contracts we have with our customers,” he explains. “We have a default data retention rule, for example until one month after the end of the contract. After that, all data will be deleted from MeluXina.”

Our customers can feel completely at ease.

However, would it be possible to recover deleted data, as can be done on a laptop? Mr Guennouni answers this question with a resounding no. “In the very unlikely case that someone would manage to steal one of our hard drives by bypassing the security controls of a tier IV data centre, they would never be able to retrieve its contents due to encryption mechanisms and the fact that the data is divided on multiple disks. Our customers can feel completely at ease.”

Photos: © LuxProvide

Read more

Luxembourg Digital Innovation Hub gets new European dimension


The designation as European Digital Innovation Hub (E-DIH) broadens the scope of the Luxembourg Digital Innovation Hub (L-DIH) as a one-stop-shop for the digital transformation of the Luxembourg manufacturing sector by providing additional channels and financial resources for more impact in Luxembourg and Europe. With Luxinnovation, the national innovation agency, continuing its role as coordinator, four additional partners now join the L-DIH consortium to considerably extend its service offer.
Read more

New healthtech business developer joins Luxinnovation


The international business development team at national innovation agency Luxinnovation informs and guides international companies considering Luxembourg as a potential location for their European offices. On 1 March 2023, Régis Ciré joined the team and took on the role of supporting healthtech businesses.
Read more

Mission to Latvia presents potential business opportunities


A high-level business delegation comprising of 20 Luxembourg companies participated in the three-day official trade mission to Latvia, where an intensive economic and business programme was unpacked, with over 90 B2B meetings taking place on the side-lines. Luxinnovation’s Head of International Relations, Jenny Hällen Hedberg, underscored the effective collaboration between the organisers of the mission and key areas of interest that were identified as a result of interactions between Luxembourg-Latvian counterparts.
Read more

Latvia-Luxembourg wood sector forum participants accentuate collaborative research


Luxinnovation co-organised a hybrid business forum for the wood sector during the just concluded official trade mission to Latvia with the aim to facilitate exchanges between the Luxembourg wood companies and representatives from the Latvian wood sector. During the meeting, both parties expressed their interest in expanding economic cooperation and developing joint research activities.
Read more

L-DIH Talks: New webinars on digital transformation in the manufacturing sector


The Luxembourg Digital Innovation Hub (L-DIH) is about to launch the 2023 edition of its popular “L-DIH Talks” webinar series that will run from March to December. We spoke to Joachim Clemens-Stolbrink, Senior Advisor Digital Transformation at Luxinnovation, about the topics and new features that the series will cover and the added value it offers to the digital transformation of the manufacturing sector.
Read more

Resources all news