Trusted & Secured

Data Security & Compliance

As a SaaS company, Josys is committed to protecting our customers’ data and securing their environments using the best technology and infrastructure available.

Compliance & Certifications

Josys is SOC 2 Type II certified, which validates that Josys’ systems have been thoroughly assessed and meet the stringent criteria for security, availability, processing integrity, confidentiality, and privacy of customer data.

Josys is also ISO 27001 compliant and abides by the Act on the Protection of Personal Information (the APPI), the principal data protection legislation in Japan, demonstrating our commitment to compliance and data protection.

Cloud Data Storage & Protection

Josys leverages cloud computing to offer secure and scalable data storage solutions. By leveraging leading cloud service providers, Josys ensures that data is stored securely, accessible and scalable according to the evolving needs of businesses. This approach ensures high availability and reliability of the Josys platform to our users.


To protect sensitive information, Josys employs a dual-layered encryption approach. This includes encrypting data at rest, ensuring that stored data is shielded from unauthorized access, and encrypting data in transit, which safeguards information as it moves between systems. Utilizing industry-standard encryption protocols, Josys ensures that all data remains secure and confidential. In addition, any credentials entered by customers to integrate their applications on Josys is secured with 256-bit encryption.

Security Features & Processes

Customer data is secured, encrypted, and protected from unauthorized users using the highest level of security measures.


Josys support SAML 2.0 (Security Assertion Markup Language) for authentication, enabling seamless and secure Single Sign-On (SSO) capabilities. This is complemented by Multi-Factor Authentication (MFA), which adds a layer of security by requiring multiple forms of user verification.

Role-Based Access Controls

Josys employs role-based access controls (RBAC) to manage user permissions effectively. By assigning roles and access rights based on job functions, Josys ensures that employees can access only the data and systems necessary for their roles, thereby minimizing the risk of unauthorized access or data breaches.


Josys’ backup strategy involves regular, automated backups, ensuring quick recovery in case of data loss or disaster. Josys’ disaster recovery protocols are rigorously tested to guarantee that business operations can be swiftly restored with minimal disruption.

Business Continuity & Disaster Recovery

Josys employs comprehensive strategies for business continuity and disaster recovery. These strategies are designed to ensure minimal disruption and rapid recovery of operations during unforeseen incidents, thereby safeguarding data integrity and availability.

Security Policies & Procedures

Josys’ security policies include IP Whitelisting and Password Security, controlling access and mandating strong, complex passwords for enhanced protection. 

Patch Vulnerability Management

Josys employs AWS native tools and third-party solutions for continuous monitoring and regular vulnerability scans. Automated patching processes ensure timely application of security patches, maintaining system integrity.

Employee Training & Awareness

Josys implements training programs on information classification and conducts regular audits to ensure policy compliance, emphasizing the importance of a security-conscious workforce.

Ensuring Compliance Through Audits

Josys’ regular audits and monitoring are conducted to ensure adherence to security policies and procedures. These audits help identify and rectify deviations, reinforcing Josys’ overall security posture.

Additional Security Measures

Josys reduces the attack surface by limiting access to production, implementing device auto-lock features, and using commercial tools for a multi-layered defense.