Frequently asked questions

The uniqueness of LorisQ is that it is not based on helping just single companies, but on building a network of equipment owners and service providers. Among other things that means that there is not any fundamental difference between handling your external and internal services through LorisQ. But it means that a lot of work will be done by your external service providers and you will save a lot of time working on keeping your database up to date.

Of course. Just as calibration labs you can use LorisQ to connect with your clients and hare your certificates and reports with them.

You can, through your web browser. However, we are also working on a mobile app.

Whatever you do with your equipment, internally or externally, if it’s periodical. That could be qualification, validation, internal check, cleaning, anything.

We care a lot that these trend graphs are at the same time as simple as possible and as useful as possible. So we define these graphs for each type of instrument differently. Currently trend graphs are supported for more than 60 types of measuring instruments (for example thermometers, micrometers, torque wrenches, piston pipettes etc.). Most of the instruments you use will probably have trend graphs, and this number will increase in the future.

Every provider can only see their own results. For example, if you hire calibration lab A in even years, and calibration lab B in odd years, calibration lab A will see trend graph with points only for even years. Only you as an owner of the instrument can see everything.

With our wizards it’s easy to enter all your data and upload all your documents and more, but we are also working on a feature to import your data from Excel spreadsheet into LorisQ.

The security of our servers is a number one priority. In all our environments we enforce strong SSL certificates with at least 2048-bit RSA encryption and hardened web-server (Nginx) configuration for usage of strong modern ciphers. HTTPS with TLS is used to encrypt all traffic between mobile apps and the backend system. Steps taken to avoid attacks such as CRIME, BREACH, POODLE and the rest include disabling weak and old protocols and ciphers such as TLS 1.0, DES, RC4, etc. and preferring modern ciphers such as 256-bit AES encryption and TLS 1.2.
The administration access to the servers is limited to a predefined list of IP addresses (or a range of addresses) and a public key infrastructure is used to authenticate users.
Access to the backoffice system is allowed only through an OpenVPN connection and administrators are authenticated using username/password pairs with enforced strong passwords.
A software firewall is used on all servers to block all incoming traffic except OpenVPN, SSH and HTTPS.
Usually Ubuntu Server LTS is used on the server infrastructure, and servers are regularly updated with all security patches.
As an addition to high security standards enforced on our server infrastructure, all entities in the database have ownership defined on them. Once a user requests access to a specific entity, the system checks the ownership associated with that entity. If the ownership of an entity is matched with user access rights, the system provides the specific user with access. If ownership is not matched, access to an entity is declined for a specific user.

A couple of procedures have been put in place to prevent data loss and data modification. First of all, the system keeps a detailed log of all user actions with detailed information about actions performed and the user who performed them. In addition to that, none of the delete actions in the system are destructive. When a user deletes an entity in the system, that entity will remain in the database, but it will be marked as deleted. So if something is deleted by accident, it can be easily restored in the future. Finally, there is a backup procedure in place that backs up all user data on a daily basis. Backup copies are stored in several different backup locations spread around the globe. In case of an emergency or a critical system failure, the data can be restored from a backup in no time.