Security & Privacy
In terms of security & Privacy, Jupitice has implemented multi levels of security measures in the system so that the user data can be fully protected. Below are a few measures in place to keep a check on the same:
We are using Hypertext transfer protocol secure (HTTPS) over HTTP for our platform, which uses encryption protocol i.e. Transport Layer Security (TLS)/Secure Sockets Layer(SSL).
It prevents our platform from having their information leaked to anyone snooping on the network. When information is sent over regular HTTP, the information is broken into packets of data that can be easily sniffed using free software. This makes communication over an unsecure medium, such as public Wi-Fi, highly vulnerable to interception.
With HTTPS, traffic is encrypted such that even if the packets are sniffed or otherwise intercepted, they will come across as nonsensical characters.
We are restricting the data access to user roles on the platform. Every end user according to their roles will have access to only their data which leads to a more secure environment.
Also, restrictions have been implemented on employee level as well so that not every employee of Jupitice will be able to access everything on the platform. This gives a boost in confidence to every client who will be onboarding on the same.
Disk Level Encryption
We are using Elastic Block Storage(EBS), which is an on demand block storage service offered by AWS.
As we are dealing with production data that is very crucial for our business, we are implementing disk level encryption in which the data stored on the EBS volume, the disk I/O and the snapshots from the volume are all encrypted. This gives an extra layer of protection on database level as well.Read More