Trust & Security
Jobiri guarantees compliance with strict privacy and security standards. Here are the policies, procedures and technologies we use to meet and exceed industry standards and requirements.
Certifications and compliance
Quality management systems UNI EN ISO 9001
The ISO 9001:2015 certification reflects our commitment to structured and continuously improving quality management, ensuring optimised processes to provide a reliable and high standard of service. Click here to access the certification.
ISO/IEC 27001 data security certification
With advanced and verified protocols, we protect sensitive user data, offering a secure platform that fully complies with information security and protection standards. Click here to access the certification.
Cloud Security Compliance ISO/IEC 27017:2015
Jobiri manages the cloud environment in a secure and controlled manner, providing our users with cloud protection based on security best practices. Click here to access the certification.
ISO/IEC 27018:2019 public cloud security compliance
Being ISO/IEC 27018:2019 compliant ensures that the privacy and security of personal data in the public cloud is protected, making Jobiri a safe choice for those seeking protection and privacy. Click here to access the certification.
SaaS solution qualified by AgID
Thanks to the Jobiri SaaS solution, schools, universities, municipalities and public institutions are guaranteed to innovate and make more effective their services at work respecting the obligations to acquire only qualified SaaS services as required by AgID circulars April 9, 2018 n. 2 and 3.
AWS Compliance Standards
Our Infrastructure Service provider, AWS, is certified ISO 9001, ISO 27001, ISO 27017, ISO 27018, SOC 1, 2 & 3.
Code of Ethics
Our Code of Ethics provides guidance on conducting business according to the highest ethical standards to all Jobiri staff, collaborators, and partners.
PCI Compliant
We are PCI compliant through our payment processor, Stripe, which encrypts and stores credit card details.
GDPR Committed
We have incorporated GDPR standards into data practices to make sure our customers, whether citizens of the EU or businesses with European customers, feel secure to use Jobiri. Read our Privacy Policy here.
Procedures overview
Data Hosting
Amazon Web Services
Jobiri infrastructure is hosted and managed within Amazon’s secure data centers. Jobiri leverages all of the platform’s built-in security and privacy features. AWS continually monitors its data centers for risk and undergoes assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under: ISO 27001, SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II), PCI Level 1, FISMA Moderate and Sarbanes-Oxley (SOX).
Backups
Jobiri performs daily backups.
Encryption
Data that passes through Jobiri is encrypted, both in transit and at rest. All connections from the browser to the Jobiri platform are encrypted in transit using TLS SHA-256 with RSA Encryption. Jobiri requires HTTPS for all services. Jobiri uses HSTS to ensure browsers interact with Jobiri only over HTTPS and is on the HSTS preloaded lists for both Google Chrome and Mozilla Firefox.
Training
All employees are trained on security and data handling to ensure that they uphold our strict commitment to the privacy and security of your data.
Confidentiality
All employees sign a confidentiality agreement before they start at Jobiri.
Reliability and redundancy
Business continuity e disaster recovery
Jobiri has built and documented internally its business continuity and disaster recovery plans in order to ensure high availability.
Click here to check the status of our systems.
Software development lifecycle
Routine Audits
Jobiri continuously scans the product for service interruptions, performance degradation and security vulnerabilities to immediately alert our engineers and take action when an incident has been detected.
New releases
New releases to the Jobiri platform are thoroughly reviewed and tested to ensure high availability and a great customer experience. Changes to our codebase are required to be peer reviewed before being deployed.
Continual monitoring
After a changeset is released, we continue to monitor application exceptions and log exceptions. These exceptions are regularly reviewed and triaged for resolution. Performance impacts of the changeset are monitored through several monitoring services.
Vulnerability control
Malicious software prevention
Our employees’ equipment is defended by anti-malware software, and we run routine phishing tests to further educate and train employees.
Vulnerability scanning
We keep our systems up to date with the latest security patches and continuously monitor for new vulnerabilities through compliance and security mailing lists.
Authentication
Social Network Login credential protection
For Google, Facebook and Linkedin connections, Jobiri never collects passwords. This also enables you to set additional security precautions with that provider including 2-factor authentication (2FA).
Email and Password Login
For users logging in with email and password, Jobiri always salts the credentials.
Our SSRM clarifies security roles and responsibilities between Jobiri and its users, ensuring that data protection is addressed in a comprehensive and transparent manner.
This model, based on industry best practices, precisely defines areas of responsibility for each user group, ensuring secure use of the platform and effective collaboration in security management.
With Jobiri, security is a shared commitment to proactively and reliably protect data and information. Click here to access our Shared Security Responsibility Model (SSRM)
Procedures overview
Secure authentication
Jobiri offers Google, Facebook and LinkedIn users a secure OAuth connection—meaning Jobiri never reads or stores your passwords. For users logging in with email and password, Jobiri always salts the credentials.
Zero email access
Jobiri do not read the emails you send and receive associated with your connected email account.
