Trusted & Secured
Data Security & Compliance
As a SaaS company, Josys is committed to protecting our customers’ data and securing their environments using the best technology and infrastructure available.
Compliance & Certifications
Josys is ISO compliant and abides by the Act on the Protection of Personal Information (the APPI), the principal data protection legislation in Japan. Josys is also working towards SOC2 and GDPR certifications, with audits expected to be completed by March 2024, demonstrating our commitment to compliance and data protection.
Cloud Data Storage & Protection
Josys leverages cloud computing to offer secure and scalable data storage solutions. By leveraging leading cloud service providers, Josys ensures that data is stored securely, accessible and scalable according to the evolving needs of businesses. This approach ensures high availability and reliability of the Josys platform to our users.
To protect sensitive information, Josys employs a dual-layered encryption approach. This includes encrypting data at rest, ensuring that stored data is shielded from unauthorized access, and encrypting data in transit, which safeguards information as it moves between systems. Utilizing industry-standard encryption protocols, Josys ensures that all data remains secure and confidential. In addition, any credentials entered by customers to integrate their applications on Josys is secured with 256-bit encryption.
Security Features & Processes
Customer data is secured, encrypted, and protected from unauthorized users using the highest level of security measures.
SAML & MFA
Josys support SAML 2.0 (Security Assertion Markup Language) for authentication, enabling seamless and secure Single Sign-On (SSO) capabilities. This is complemented by Multi-Factor Authentication (MFA), which adds a layer of security by requiring multiple forms of user verification.
Role-Based Access Controls
Josys employs role-based access controls (RBAC) to manage user permissions effectively. By assigning roles and access rights based on job functions, Josys ensures that employees can access only the data and systems necessary for their roles, thereby minimizing the risk of unauthorized access or data breaches.
Josys’ backup strategy involves regular, automated backups, ensuring quick recovery in case of data loss or disaster. Josys’ disaster recovery protocols are rigorously tested to guarantee that business operations can be swiftly restored with minimal disruption.
Business Continuity & Disaster Recovery
Josys employs comprehensive strategies for business continuity and disaster recovery. These strategies are designed to ensure minimal disruption and rapid recovery of operations during unforeseen incidents, thereby safeguarding data integrity and availability.
Security Policies & Procedures
Josys’ security policies include IP Whitelisting and Password Security, controlling access and mandating strong, complex passwords for enhanced protection.
Patch Vulnerability Management
Josys employs AWS native tools and third-party solutions for continuous monitoring and regular vulnerability scans. Automated patching processes ensure timely application of security patches, maintaining system integrity.
Employee Training & Awareness
Josys implements training programs on information classification and conducts regular audits to ensure policy compliance, emphasizing the importance of a security-conscious workforce.
Ensuring Compliance Through Audits
Josys’ regular audits and monitoring are conducted to ensure adherence to security policies and procedures. These audits help identify and rectify deviations, reinforcing Josys’ overall security posture.
Additional Security Measures
Josys reduces the attack surface by limiting access to production, implementing device auto-lock features, and using commercial tools for a multi-layered defense.