JDify offers comprehensive SaaS products to million to help the business grow their business exponentially. Security plays a major role we design-build in products and we take care of the information that our customers and visitors drop in via email. We're transparent with our security to make you feel informed and safe using our products. Here we will be covering topics like data security, operational security, and physical security to clearly explain how we offer security. The security procedure mentioned on this page is applicable for all the existing and future products of JDify. Along with building products that offer 360 support, we back ourselves with robust data security and privacy practices.
JDify secures its customer's data with a multi-fold model of security architecture, end-to-end security, and highly resilient architecture.
Security operations and best practices
Our dedicated security team adheres to industry best practices and is aligned to the control framework. Any sort of security threat is prevented using our detection program, secure software development program, and industry-accepted operational practices.
We perform certain security testings including threat-modeling, automated scanning, and third-party audits. Along with all the existing measures, we keep our customers informed of the real-time system status.
Availability of data centers
Any sort of physical access to our data center is prohibited by anyone outside the authorized individuals. We maintain high levels of availability with multiple geographically diverse data centers.
Our regular infrastructure monitoring techniques are designed to offer multiple layers of protection and defense. We make sure to use, firewalls to prevent our network from unauthorized access. All the important security aspects are monitored using our proprietary tool and notifications are triggered in any instance using DDoS prevention, Server hardening, and Intrusion detection and prevention.
Any advanced features are directly governed by a change management policy for ensuring all the modifications are authorized. Our software development life cycle is for following the coding guidelines as well as a screening of code changes for potential security issues with our set of tools like code analyzer, vulnerability scanners, review processes, and much more. Our robust security framework based on OWASP standards, which is implemented in the application layer, provides functionalities to mitigate threats such as SQL injection and cross-site scripting and application layer DOS attacks.
JDIfy monitors and analyses all the gathered information from service, internal traffic in our network, and usage of devices. All the information stored is recorded in the form of event logs, audit logs, fault logs, administration logs, and operator logs. The above-mentioned logs are automatically monitored and analyzed to find any kind of unusual activity in employees' accounts. We store these logs in a secure server to ensure complete protection.
Reporting and alerts
We will every time notify you of the incidents in our environment that apply to you, and also notify you about the actions and active measures you can take. Any time necessary, we will identify, collect, acquire all the crucial details with an application to fill and track logs regarding incidents. We take preventable measures to control the occurrence of such situations.
We respond to the security or privacy incidents you have reported to us by dropping an email on our official id as our highest priority. In the case of any general incidents, we will notify our users via multiple mediums such as blogs, forums, and social media. In case of any specific incidents, we will inform the concerned person on the registered email.
If we are aware of any malpractice according to the General Data Protection Regulation (GDPR), we will notify you within 72 hours. Depending on any particular requirements, we will notify our customers as and when necessary.
JDify strives to make it delightful for its customers. The single sign-on lets users access multiple JDify services with single sign-in credentials. When you sign in to JDify, it happens through our integrated Identify and access management services. SSO simplifies the login process by providing easy access control and reporting.
Jdify offers an extra layer of security such as multi-factor authentication. It is an additional verification that the users must possess, apart from the password. This is to reduce the chance of unauthorized access using the Time-based OTP.
We employ technical access controls and certain internal policies from accessing user data this is to reduce the risk of data exposure. Access to data is maintained by a central directory and authenticated using passwords and two-factor authentication.
Malware and spam protection
All the user files are automatically scanned using our automated scanning system that's designed to stop the spread of the virus. Our custom anti-malware engine looks for regular updates from external threat intelligence sources and scans files against blacklisted signatures and unusual patterns.
We have an Information Security Management System (ISMS) in place to take care of our security objectives. Each employee we hire undergoes a background verification to make sure that may not pose any risk to user data. We do this to verify criminal records, and any previous employment blackmarks. Each employee undergoes training in information security, compliance, and the privacy policies that JDify follows. Apart from this, we also conduct events to raise awareness regarding security and privacy.