Whether you’ve ever lost a notebook with your meeting notes, experienced the cold sweat that comes just after you almost spilt your entire coffee mug all over your laptop, or been a victim of a data breach, you know the feeling of dread that comes when your important data is compromised or lost.
These days, data security is an everyday concern, especially for those who work with sensitive or confidential data in fields like stakeholder engagement and Indigenous or Tribal consultation. Read our blog for 15 features and commitments Jambo offers to protect your data.
You spend a lot of time collecting your data; you want to make sure it’s protected
Here at Jambo, we know you spend a lot of time gathering your data and building stakeholder relationships, and we take that seriously. To support your efforts, we work hard to ensure your data is secure and safe within our Stakeholder Relationship Management (SRM) software and that your data is always there for you when you need it.
We understand that some of the information you’re tracking might be confidential or sensitive, and you need to respect the privacy of your organization and those you work with. With this understanding in mind, we’ve made it our goal to support your data security and privacy policy efforts with our security features and commitments.
We’re committed to meeting high-level security practices as they evolve
Data security practices and processes are constantly evolving. At Jambo, we are committed to staying up to date with security best practices and meeting high-level security standards for all our users now and into the future. Keep reading to learn the technical features that we currently offer and our commitments to meeting today’s high security and privacy standards.
How Jambo takes your data security seriously
1. Secure data centres
When you are thinking of using a new software to manage your stakeholder engagement information, one of your first questions is likely, “where is my data stored?” Jambo data is stored in secure regional-based Amazon Web Services (AWS) data centres. This means, when possible, where you’re located is where your data is stored (e.g., if you’re in Canada, then your data is stored in AWS Canada).
2. Multi-Factor Authentication (MFA)
Multi-factor authentication (MFA) is an extra layer of security that requires users to verify their identities by providing multiple pieces of evidence before gaining access to their Jambo account. This enhanced security feature acts as an extra barrier to entry, making it significantly harder for an unauthorized person to gain access to an account, helping ensure that your sensitive stakeholder data is always well protected.
3. Single Sign-On (SSO)
Single Sign-On (SSO) is an authentication method that’s important for secure platform access as it helps you manage your credentials more effectively. With SSO, you use one set of credentials (managed by your organization) for multiple applications, and this can include Jambo. This feature increases enterprise security by reducing the possibility of your account being compromised because you only log in once each day and only use one set of credentials.
4. User permission management
The reason user permission management is important is that you need to ensure that the right people have the right level of access to sensitive data. With Jambo’s user role and permissions, you can give each user-tailored access to the platform to keep your data secure and private. For example, you can restrict who can view certain records or control who can edit data in the platform so you can continue to meet each user’s needs while also protecting anything confidential.
Do you work with contractors? Learn how Jambo’s user role and permissions and other great features help lower the risk of working with third parties.
5. Account logs
Jambo's account logs give you a complete history of every interaction within a user account. Whether somebody has logged into an account, logged off, made changes, or viewed a record, you can see all this activity in your comprehensive account log. With this transparency, you can see exactly what's happening within the platform at all times.
6. ISO/IEC 27001:2013 certification
ISO/IEC 27001:2013 certification is the highest internationally recognized standard for information security management systems (ISMS). Achieving ISO 27001 is a rigorous process, but it is essential if you are serious about keeping customer information and data safe and secure. To maintain this certification, we follow strict security standards to align with the certification’s security best practices, which helps to continually ensure your data is well protected.
7. Annual penetration testing
Penetration testing is one of the best ways to identify vulnerabilities in applications. While standard vulnerability assessments scan for potential weaknesses in system configuration and infrastructure, penetration testing goes to the next level in the deep testing of applications. Jambo goes through rigorous and extensive third-party penetration testing yearly to ensure our platform and services are up-to-date and hold up against current threats.
8. Regular testing
Beyond our annual penetration testing, our Information Security Officer, and his team of data security experts continuously test and monitor Jambo. With this regular testing, we continuously look for bugs or issues that may impact your use of Jambo or your data. If we notice something of concern, it’s taken care of immediately following our defined security processes.
9. Security Information and Event Management (SIEM) process
Our Security Information and Event Management (SIEM) platform collects security data in real-time, then continuously logs, aggregates, and applies analytics to that data to enable us to immediately detect threats or unusual activity. SIEM allows us to respond to threats quickly while ensuring the right people are involved and taking the proper steps to respond to your data security needs. Should a threat arise, we have the processes to identify the breach and isolate the threat quickly to minimize the risks to your data and organization.
10. Open Web Application Security Project (OWASP) training
Our team takes Open Web Application Security Project (OWASP) training to help them understand best security practices for application development. Part of this training is focused on helping people to spot the risks while understanding how to address and mitigate them. With the OWASP training, our team is further equipped with best-practice security knowledge to design and develop secure software.
11. Backup and Disaster Recovery Process
Your data is essential to what you do but disasters happen. Computer hardware can fail, data servers can be compromised, or human error can result in deleted data. We also have a comprehensive Backup and Disaster Recovery process in place to secure data, recover quickly, and ensure business continuity, which includes running nightly backups to minimize the data lost between the last backup and the incident.
12. Downtime tracking
As part of our best practices and further commitment to transparency, we track our uptime and report on any downtime. Tracking downtime helps us put preventive maintenance measures in place, so we can become more proactive than reactive. This information is posted on our help desk and is always available to our clients.
13. Data privacy
Part of our dedication to data security and transparency includes how we interact with your data in Jambo. There may be times you want our assistance in supporting your data (e.g., cleaning up data). However, we never access your data and never make changes to your data unless you’ve given us consent to do so. As part of our privacy policy, we will retain your data only for as long as is necessary for the purposes of your contract.
14. Data ownership
Any data that you store in Jambo is owned by you. Even if you choose to end your subscription to Jambo, you can export everything from the platform, ensuring you always retain ownership of your data.
For more considerations on data ownership when outsourcing, read our blog.
15. Transparency and clear actions plans
While not a feature as such, transparency is essential to us. We're committed to clear and timely communication with you, which is a key part of data security. If anything were to occur with your data and we believed there was an infringement or a breach of your privacy or security, we communicate quickly and clearly to ensure you understand the situation.
You'll have peace of mind knowing that if something did happen, we're trained to address the threat, inform you and take immediate action. Throughout the process, you'll know what's happening and be confident it's handled accordingly.
Next steps: Talk to Jambo about your data privacy and security requirements
Book a one-on-one discovery call with our team to answer your security requirement questions and find out if Jambo is the right fit for your organization.
