Last updated: December 18, 2023

Security Overview

JRNI, Inc (“JRNI”) shall at all times use industry standard technical, physical and procedural controls to protect the Customer Data against destruction, loss, alteration, unauthorized disclosure to third parties or unauthorized access by employees or contractors employed by JRNI, whether by accident or otherwise.    

JRNI’s security strategy is to protect Customer Data at multiple levels, which includes data security, data integrity, and data privacy.

Without limiting the first paragraph of this Schedule, to ensure the privacy, security, and availability of Customer data and transactions, JRNI employs the following technologies in delivering its service.

• Secure Data Center
• Encrypted User Authentication
• Internet Firewalls
• Network Translation and Proxy Services
• Secure Socket Layer Data Encryption (SSL) on sensitive credit card information.
• High quality industrial strength Routers and Switches
• High quality industrial strength Web and Application Servers
• Redundant, Highly Available Power
• Regularly Scheduled Backups and restore processes

Data Security Data Center Security

JRNI’s production systems are located in one of the leading co-location facilities in the United States of America. Production web, application, and database servers along with network equipment are housed in a suite at the colocation facility which provides 24×7 security. To access the suite there are several levels of security that must be passed where each entry point provides state of the art card readers, scanners, and other access devices.

Network Security

JRNI’s network is protected by firewalls against unauthorized access. Leading-edge firewall equipment has been chosen to protect the network.

Data Security

JRNI’s systems use 256-bit with a 2048 key length SSL encryption to protect all customer and visitor data, including all transaction and PII in transit. All databases are encrypted at rest and protected by firewalls against unauthorized usage. Database users are restricted to a controlled list; individual activities are restricted.

Secure Application Access

JRNI’s users access the application using password authentication which is encrypted with Secure Hash Function. The robust design of the application prevents a customer from accessing another customer’s data. There are several layers of protected servers that stand between the web page where the customer logs in and the actual data. All data is encrypted using AES 256-bit.

System Security

JRNI uses controlled passwords on its servers and network equipment. JRNI limits access to production systems to authorized personnel only. Passwords are changed on a regular basis. Security updates to the operating systems are tracked and updated as necessary.

System Reliability

JRNI looks at its application as well as the infrastructure as a tightly integrated system. JRNI has spare servers ready to deploy at a moment’s notice in the event of an equipment failure. JRNI chooses equipment of the highest quality to power our application.

JRNI has in place an expert team to provide services for server and network management, monitoring, backups, and other necessary maintenance. System administrators respond to monitoring alerts 24×7 and repair critical failures immediately.