DATA SECURITY
Jobba provides roofing businesses with the latest technology to ensure all your information remains private, while protecting you against data breaches and cyber threats.
Your roofing company houses a lot of sensitive information—both internally and externally. With so much important data under your care, it’s vital that you have a strong roofing software security system.
OUR SOFTWARE ARCHITECTURE
Built from the ground up, Jobba is designed to work over WiFi/cellular data networks and is hosted in the cloud by the Azure Platform. Its architecture allows for redundancy and resiliency, distributed performance, and disaster recovery.
Microsoft Azure provides state-of-the-art security, reliable storage, unparalleled performance, and a strong presence throughout the globe. With a highly secure cloud foundation managed by Microsoft, Azure provides multilayered, built-in security controls and unique threat intelligence to help identify and protect against rapidly evolving threats.
High Availability
The Microsoft Azure cloud offers high availability and redundancy in data centers on a global scale. Azure offers a service level agreement, or SLA, of 99.95% (approximately 4.38 hours of downtime per year).
Data Security
Microsoft Azure strongly focuses on security, following the standard security model: detect, assess, diagnose, stabilize, and close. Paired with strong cybersecurity controls, this model has allowed Azure to achieve multiple compliance certifications, establishing Azure as a leader in cloud security.
Scalability
Azure Vertical Scaling offers improved processing power and memory capacity with increased server load, ensuring optimal performance and responsiveness as application demands increase. Azure Horizontal Scaling efficiently distributes and manages the load across automatically added server instances, preventing performance bottlenecks and enhancing the system’s overall responsiveness.
DATA ACCESS GUARANTEE
Jobba’s Data Access Guarantee ensures that users can access and export their data anytime, in a usable format and in a timely matter. Jobba guarantees that you will have access to your data, know where that data is located, and that your data will be accessible, usable, safe and trusted.
DATA RECOVERY
The Jobba servers are backed up every 4 hours. The Jobba database is also exported to a bucket every night so that in the case that malware breaks in, the database can still be retrieved. Files, pictures, and other objects are stored in buckets. The buckets are not accessible directly from the Jobba servers and therefore are out of reach of any malware. There are additional reasons why you should feel safe with the storage of your data. Each company receives their own dedicated bucket. There is no co-mingling of files, documents, and other objects. Furthermore, the data in each bucket is encrypted.
Our Disaster Recovery and Business Continuity Plan is supported by storage that creates copies that exists in at least two regions to guard against natural disasters or other such cataclysmic events, thereby providing geo-redundancy.
ADDITIONAL DETAILS
• All internal communication is automatically encrypted and all data that is stored on persistent disks are encrypted under 256-bit AES. The encryption keys are also encrypted with a set of continually changed master keys.
• The Jobba application uses TLS 1.2 with strong encryption algorithms. In addition, the application encrypts the data starting at when the user enters a value or text and it is decrypted when it arrives at its destination. Even if the TLS 1.2 encryption is compromised, the data is still secure.
• Jobba servers are scanned each day with TrustGuard tools to verify that the applications meet PCI DSS standards. The TrustGuard certificate scans for PCI DSS compliance, verifies the validity of the Jobba Certificate, scans for Malware, and provides $100,000 of cyber security insurance.
• We use web-based Pentest tools to perform various network and website vulnerability scans. In front of all the Jobba servers there is a firewall which allows only https (port 443) and examines each packet by an intrusion detection and prevention system to make sure malicious attacks are not performed on the servers.
• Any computer that scans the Jobba website will be banned, as will any website which tries to inject malicious attacks in the Jobba data connection.
• Windows Server Webroot is installed which is a behavior and signature-based anti-virus/anti-malware program. This security program will monitor any program’s behavior and can detect malicious attempts to open and encrypt files. In the eventuality that the Webroot program cannot immediately identify the source or is not able to kill the malware, the files will be first backed up in such a way that they are out of reach of the malware. Webroot professionals can then be called to retrieve the saved data and identify the malware. In any case, the data can be restored from backup.
• In addition to the advanced monitoring that Microsoft Azure provides, we have provided for a separate and independent monitoring architecture which actively receives notifications and assesses information for any issues. These issues are then sent to Jobba Trade Technologies development team as notifications of untoward events. The goal is that we find the problem before our customers do and can remove any bottle necks or performance issues in and outside of the Jobba application when needed.