Skip to end of metadata
Go to start of metadata

Introduction

Jitterbit is vigilant at applying safe and secure integration processes. We use strict security measures to protect our customers’ valuable information, and constantly evaluate and improve our systems and processes to keep abreast of the latest security demands. Jitterbit's security features are summarized below.

Jitterbit Harmony Cloud Security

  • Encrypted messaging
  • Web services security (v3)
  • HTTPS encryption
  • No inbound connections from cloud to agent (i.e. the server running on customer’s network)
  • Authentication
  • Access control lists
  • SOC 1 Type 1 & Type 2
  • SOC 2 1 Type 1 & Type 2
  • FIPS 140-2 encryption and unique-per-customer encryption keys
  • Password encryption
  • Two-factor authentication
  • Single sign-on (SSO)
  • Configuration of integration projects deployed on Jitterbit Harmony to meet several industry-specific and regional regulations and standards including:
    • Compliant with the policies established by the EU for GDPR
    • Compliant with the policies of HIPAA established by the US Department of Health & Human Services (HHS) 
    • Compliant with the standards and best practices established by Cloud Security Alliance (CSA)

Data Center Security

  • Highly secure data centers with state-of-the-art electronic surveillance and multi-factor access control systems
  • 24-7 professional security staff
  • Least-privileged-based access system
  • Fire detection and suppression
  • 24-7 power, UPS (uninterruptible power supply) provides backup power
  • Climate and temperature control
  • Monitored electrical, mechanical, and life support systems and equipment so that any issues are immediately identified
  • Multiple availability zones allow you to remain resilient in the event of system failures and natural disasters
  • Storage device decommissioning
  • Business continuity management
  • High availability and fault tolerance
  • Data replication and backup
  • SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70 Type II)
  • SOC 2
  • SOC 3
  • PCI DSS Level 1
  • ISO 27001
  • FIPS 140-2

Network Security

  • Secure network architecture including firewall and other boundary devices that employ rule sets, access control lists (ACLs)
  • Distributed Denial of Service (DDoS) protection and mitigation
  • Port scanning, spoofing, and sniffing defenses
  • Network host vulnerability scanning
  • Secure access points – API endpoints that allow secure HTTP (HTTPS) access
  • Transmission protection using SSL
  • All Agent / Studio to cloud communication using SSL/TLS encryption (HTTPS)
  • Penetration testing
  • Host hardening
  • Network monitoring and protection

Jitterbit Security Release Policy

Jitterbit releases critical patches within four weeks of the first report, or earlier.

Jitterbit Privacy Policy

Refer to the Jitterbit Privacy Policy.

On This Page

Last updated:  Apr 10, 2019