Joonko has made it a priority to safeguard its customers' data and to create a secure environment where they can tackle workplace bias and improve diversity and inclusion.
Therefore, our entire product and our product development processes are security oriented. We understand how precious your data is, and the responsibility and trust you have given us by sharing it with us. We would never misuse or abuse it. Our security model and controls are based on the top tier of industry standards and best practices.
We host our servers on Amazon Web Services (AWS) and Heroku. The AWS cloud infrastructure meets several global security compliance requirements, including ISO, SOC, PCI, GDPR, and EU-US Privacy Shield. You can see their security and compliance page for more information. You can also see Heroku's.
Please see below for more detailed information on our policies and practices:
Any and all client data that Joonko analyzes through its integrations is never persisted or kept in lasting storage in any way. The data is only kept on our servers long enough for analysis, and it is then securely discarded. All data that is stored is encrypted with strong AES-256 encryption, following industry best practices (relying on AWS KMS).
Access to client data is limited to specific personnel within the company, all of whom are under strict NDAs. Developers only have approval to access the data in order to solve client requests, issues or bugs. The data you share with Joonko is private and confidential, so we've set strict controls over our employees' access to ensure that your data is never seen by anyone who should not see it.
Furthermore, to increase security, data is sharded and separated across various locations (both physical and logical) so that a security breach in any location will only reveal a small part of the data, providing nothing to the attacker.
User passwords are never stored in plain text. All user passwords are hashed and salted. This means no one, not even our team, can see or decrypt them. Security tokens required for integrations are stored encrypted using asymmetric encryption (RSA). The private key for decryption is stored in a secure S3 bucket, with limited access to it based on specific IAM roles. Tokens are not, under any circumstance, available offline or persisted to any storage in decrypted form.
To provide the utmost security and privacy for our client data, each of our clients receives a dedicated server and database. Client data is never shared with other clients unless specific consent is given. Each server is hardened, patched regularly for security updates, and isolated from external communications. Our cloud is unreachable from outside, using security groups (firewalls) and strict access control. In addition, within our network, servers are unreachable and isolated from each other, making sure that any breach cannot propagate to other servers.
All transmissions to and from Joonko, including sign-on, are encrypted at 256-bit and sent through TLS 1.2 where applicable. In addition to encrypting external traffic from and to our cloud, Joonko encrypts all of its internal traffic.
Joonko employees adhere to strict password protocols for all login credentials, using encrypted password management systems and multi-factor authentication. Employee permissions are continuously updated and adjusted, so when an employee's job no longer involves data access, the employee's access rights are immediately revoked.
It's illegal to conduct background checks for our employees in Israel. However, all employees with access to sensitive information are ex-military personnel, who have undergone background checks and received military clearance during their service.