Security and Privacy
Joe Security takes security and data privacy very serious. Apart from Cloud Basic, our community service, Joe Security does not share or use any of your data.
Customer Data Protection
- Logical or physical Tenant Separation
- Encryption In-Transit (TLS 1.2, SSL Labs Grad A)
- Encryption At Rest (AES-128 or AES-256)
Customer Data Control
- Configurable Data Retention (1 – 30 days max)
- Secure deletion at any time (manual or via API)
- Encryption of Analyses with Customer-provided passwords
Cloud Security
- Redundant Infrastructure (Cloud Pro)
- DDOS Protection & WAF
- SSO, 2FA and security log
- Vulnerability Scanning
Application Security
- Annual Penetration Testing
- Vulnerability Scanning
Compliance
- Joe Security is fully ISO 27001 certified
- All Data Centers are ISO 27001 certified and located in Europe
- GDPR compliant (DPA available)
Data Privacy
- No sharing of analysis reports with third parties
- No sharing of samples, IOCs or other artifacts with third parties
- No use of IOCs for threat intelligence or feeds
Sustainability
- Carbon-neutral datacenters
- Solar energy powered offices
- Local carbon offsetting projects