Security is one of our main concerns and we take all possible measures to ensure that user data is kept secure. Validating and, where needed, updating these security measures is an integral part of our daily routine.
- Our application servers are hosted at ISO27001:2013, ISO9001:2015 and NEN7510:2017 certified providers.
- Server hardware is located in air-conditioned areas with redundant power supplies and automatic sprinkler systems.
- All areas are secured by 24/7 camera surveillance.
- Our backup routine includes a full daily backup of all user data (databases, documents and definitions, media files and logging).
- We preserve seven daily backups along with 24 monthly backups.
- Backups are encrypted and stored at two different physical locations.
- All servers employ full disk encryption to protect user data from unauthorized physical access to server hardware.
- All servers are protected by a virtual firewall that blocks potentially harmful network traffic.
- We use only SSH (an extremely secure network protocol) for system maintenance and backup purposes.
- We further enhance SSH security by restricting SSH traffic to a limited number of specific IP addresses.
- Apart from SSH access, the only traffic that can pass the firewall is user access to the applications.
- There are no servers (like database servers, mail servers, web servers etc.) that can be accessed directly from the outside world.
- All server system software is kept up to date on a daily basis.
- Security patches are installed as soon as they become available.
- All application access is done via HTTPS over TLS 1.2 to make sure all information is encrypted and protected from man-in-the-middle attacks.
- Older and less secure protocols like SSLv2/SSLv3 are not supported.
- We only use 2048-bit SSL certificates to achieve optimal security.
- We allow user certificates up to two years old but urge users to renew their certificates annually to keep them up to the latest standards.
- Our standard (wildcard) certificates \*.jambo-mobile.com and \*.jambo.software score a perfect 10/10 benchmark score.
- Our application servers score a 9.5/10 protocol support score.
- Our application servers score a 9/10 key exchange and cipher strength score.
- Our overall benchmark score (using the standard certificates) is an A on an A through F scale. This is the maximum score achievable for systems that run on the current Java virtual machine.
- All user applications require authentication via a user name and password.
- Two-factor authentication can be applied to further enhance security.
- Adherence to strict password security policies is enforced across all applications.
- All URL parameters containing user data (like e-mail addresses) are encrypted.
- Non-public URLs are protected from manipulation by 256-bit checksums.