Sequencing is performed on customers' equipment so it's the responsibility of the customer to manage vulnerabilities and security patching there.
Amazon Web Services (AWS) and Metrichor both apply multi-layered security services including regular, manual and automated, checking for vulnerabilities and weaknesses.
Servers providing EPI2ME analysis services have short lifetimes (usually hours) and are always built from a clean, scanned, and regularly-updated set of machine images.
For more information on how your data is protected see the information governance page https://metrichor.com/ig.html.