Delivering stellar experiences isn’t possible without data. Here’s a snapshot of how we make sure your data is secured and protected.
Processes:
We ensure adequate control over all data we process, based on adherence to multiple international standards. This includes mechanisms such as encryption at rest and in transit, access control, data retention, anonymization, etc. We also maintain a record of processing activities (ROPA) for all data stored in our system.
Training:
Our teams are trained to understand all vital aspects of security, including auditing, vulnerability tracking and resolution, secure coding practices, and data security, among others.
Monitoring:
Monitoring tools assist our team in identifying and addressing sensitive events, 24/7/365. Among others, we use AWS GuardDuty, ZAP, Prowler, and kube-bench.
Auditing:
We regularly conduct internal and third-party audits to ensure that our security policy and procedures are maintained and updated, as required.
Penetration Testing:
We conduct penetration testing on an annual basis, to ensure our clients’ data is secured against external threats.
Certifications, Standards, and Regulations
Joveo maintains the necessary industry-standard certifications and compliances. Our goal is to ensure the highest level of data security and privacy for our employees, customers, and partners.
Certifications
SOC 2 Type 2: This is an independent assessment of our internal control environment, which reports on our controls system and its suitability with respect to protecting customer data. The SOC 2 Type 2 report is based on the American Institute of Certified Public Accountants’s (AICPA) Trust Services Criteria and is issued annually.
ISO 27001: This internationally recognized standards-based approach to security demonstrates our commitment to security. Joveo has been continually ISO 27001-certified since August 03, 2023.
Adherence to Standards
GDPR: Joveo’s products are in full compliance with General Data Protection Regulation (GDPR), a European Union regulation on information privacy in the European Union and the European Economic Area.
CCPA: We are compliant with the California Consumer Privacy Act (CCPA), intended to enhance privacy rights and the protection of Personal Information and extend the same level of protection to all those in the US.
Data security is as important to us as it is to you. If you would like to view our security and compliance certifications, please let us know and we’ll be in touch shortly.
