Trust & Security
Jobiri guarantees compliance with strict privacy and security standards. Here are the policies, procedures and technologies we use to meet and exceed industry standards and requirements.
Certifications and compliance
SaaS solution qualified by AgID
Thanks to the Jobiri SaaS solution, schools, universities, municipalities and public institutions are guaranteed to innovate and make more effective their services at work respecting the obligations to acquire only qualified SaaS services as required by AgID circulars April 9, 2018 n. 2 and 3.
AWS Compliance Standards
Our Infrastructure Service provider, AWS, is certified ISO 9001, ISO 27001, ISO 27017, ISO 27018, SOC 1, 2 & 3.
We are PCI compliant through our payment processor, Stripe, which encrypts and stores credit card details.
Cloud Security Alliance
Jobiri documents in a transparent way the security controls implemented through the Cloud Security Alliance. By clicking here you can view our “Consensus Assessments Initiative Questionnaire”.
Amazon Web Services
Jobiri infrastructure is hosted and managed within Amazon’s secure data centers. Jobiri leverages all of the platform’s built-in security and privacy features. AWS continually monitors its data centers for risk and undergoes assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under: ISO 27001, SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II), PCI Level 1, FISMA Moderate and Sarbanes-Oxley (SOX).
Jobiri performs daily backups.
Data that passes through Jobiri is encrypted, both in transit and at rest. All connections from the browser to the Jobiri platform are encrypted in transit using TLS SHA-256 with RSA Encryption. Jobiri requires HTTPS for all services. Jobiri uses HSTS to ensure browsers interact with Jobiri only over HTTPS and is on the HSTS preloaded lists for both Google Chrome and Mozilla Firefox.
All employees are trained on security and data handling to ensure that they uphold our strict commitment to the privacy and security of your data.
All employees sign a confidentiality agreement before they start at Jobiri.
Reliability and redundancy
Business continuity e disaster recovery
Jobiri has built and documented internally its business continuity and disaster recovery plans in order to ensure high availability.
Click here to check the status of our systems.
Software development lifecycle
Jobiri continuously scans the product for service interruptions, performance degradation and security vulnerabilities to immediately alert our engineers and take action when an incident has been detected.
New releases to the Jobiri platform are thoroughly reviewed and tested to ensure high availability and a great customer experience. Changes to our codebase are required to be peer reviewed before being deployed.
After a changeset is released, we continue to monitor application exceptions and log exceptions. These exceptions are regularly reviewed and triaged for resolution. Performance impacts of the changeset are monitored through several monitoring services.
Malicious software prevention
Our employees’ equipment is defended by anti-malware software, and we run routine phishing tests to further educate and train employees.
We keep our systems up to date with the latest security patches and continuously monitor for new vulnerabilities through compliance and security mailing lists.
Social Network Login credential protection
For Google, Facebook and Linkedin connections, Jobiri never collects passwords. This also enables you to set additional security precautions with that provider including 2-factor authentication (2FA).
Email and Password Login
For users logging in with email and password, Jobiri always salts the credentials.
Jobiri offers Google, Facebook and LinkedIn users a secure OAuth connection—meaning Jobiri never reads or stores your passwords. For users logging in with email and password, Jobiri always salts the credentials.
Zero email access
Jobiri do not read the emails you send and receive associated with your connected email account.