What is Journyx Doing about Data Security?
4 Key Data Security Principles We Live By
Many organizations ask us this as they’re evaluating our cloud software option, and we completely understand why: you want peace of mind knowing that Journyx is doing the right things to safeguard your organization’s time and expense data.
We take the security of your organization’s data seriously, by putting these measures in place:
1. We are SOC Compliant
The security and integrity of the data in their Journyx systems is critical to our customers. That’s why Journyx complies with the relevant SOC standards for internal controls. We undergo an SSAE 16 Type II assessment annually, and require appropriate industry-standard audits of our co-location partners. In this way, we meet the same high standards our customers hold for their own data security and integrity controls.
2. Reliable Data Center
When a customer chooses the cloud option, Journyx creates a separate and exclusive installation of our software for the customer. The installation is then stored on dedicated servers hosted across two Amazon Web Services (AWS) regions. These regions are located in separate geographical locations within the contiguous United States. Additionally, Journyx has servers located in various data centers (availability zones) within each region for fault tolerance and high availability. Only authorized Journyx staff can access and manage our cloud operations.
How reliable is AWS
AWS is committed to 99.99% availability per region. In the very unlikely event both AWS regions fail, we have the capability to run your hosted site from Journyx Headquarters.
3. Your data is managed by the Journyx team
Your organization’s data is valuable and sensitive, which is why we don’t outsource the management of your data. Journyx staff – and ONLY Journyx staff – handle all customer data and cloud operations.
4. We adhere to strict data privacy controls.
Journyx certifies under Privacy Shield and is committed to GDPR compliance. Additionally, all of our third-party data processors that handle any personal information in any way are put through a rigorous review to ensure they are also compliant with GDPR.