DATA SECURITY
Jobba provides roofing businesses with the latest technology to ensure all your information remains private, while protecting you against data breaches and cyber threats.
Your roofing company houses a lot of sensitive information—both internally and externally. With so much important data under your care, it’s vital that you have a strong roofing software security system.
OUR SOFTWARE ARCHITECTURE
Built from the ground up, Jobba is designed to work over WiFi/cellular data networks and is hosted in the cloud by the Google Cloud Platform (GCP). It’s architecture allows for redundancy and resiliency, distributed performance, and disaster recovery.
Google Cloud provides state-of-the-art security, reliable storage (designed for 99.999999999% durability), unparalleled performance, and a strong presence throughout the globe. Their reliability is proven by being able to provide product offerings that are used worldwide – every minute of every day – without interruption. A major portion of all the world’s internet traffic rides on Google’s private cloud infrastructure.
Security MONITORING
Security is enhanced by Google Cloud internally in many ways. Compared to other cloud providers, the Google Cloud implementation is much more mature and affords much better security services. Google Cloud also provides security monitoring which gives us deeper insights into strange behaviors and more. We employed all these tools, as well as others, in the Jobba co-tenant/live application.
SPEED & PERFORMANCE
The network performance provided by Google Cloud is second to none. This is the same network that Google.com uses, with no perceived degradation in performance at any time. Network performance is further improved by employing additional features provided by Google Cloud which direct the traffic to travel over the Google Cloud network to the point of presence (POP) nearest to the client. This minimizes the amount of time that network traffic exists on the internet and greatly minimizes the latency (delay) that the customer will experience. Plus, because of the network pipes that Google Cloud provides for better bandwidth and performance, the overall performance of file access is greatly improved when compared to other cloud providers.
DATA ACCESS GUARANTEE
Jobba’s Data Access Guarantee ensures that users can access and export their data anytime, in a usable format and in a timely matter. Jobba guarantees that you will have access to your data, know where that data is located, and that your data will be accessible, usable, safe and trusted.
DATA RECOVERY
The Jobba servers are backed up every 4 hours. The Jobba database is also exported to a bucket every night so that in the case that malware breaks in, the database can still be retrieved. Files, pictures, and other objects are stored in buckets. The buckets are not accessible directly from the Jobba servers and therefore are out of reach of any malware. There are additional reasons why you should feel safe with the storage of your data. Each company receives their own dedicated bucket. There is no co-mingling of files, documents, and other objects. Furthermore, the data in each bucket is encrypted.
Our Disaster Recovery and Business Continuity Plan is supported by storage that creates copies that exists in at least two regions to guard against natural disasters or other such cataclysmic events, thereby providing geo-redundancy.
ADDITIONAL DETAILS
• All internal communication is automatically encrypted and all data that is stored on persistent disks are encrypted under 256-bit AES. The encryption keys are also encrypted with a set of continually changed master keys.
• Each Jobba customer is assigned a dedicated Google Cloud Project which firewalls network credentials, files, and everything else from any other project.
• The Jobba application uses TLS 1.2 with strong encryption algorithms. In addition, the application encrypts the data starting at when the user enters a value or text and it is decrypted when it arrives at it’s destination. Even if the TLS 1.2 encryption is compromised, the data is still secure.
• Jobba servers are scanned each day with TrustGuard tools to verify that the applications meet PCI DSS standards. The TrustGuard certificate scans for PCI DSS compliance, verifies the validity of the Jobba Certificate, scans for Malware, and provides $100,000 of cyber security insurance.
• We use web-based Pentest tools to perform various network and website vulnerability scans. In front of all the Jobba servers there is a firewall which allows only https (port 443) and examines each packet by an intrusion detection and prevention system to make sure malicious attacks are not performed on the servers.
• Any computer that scans the Jobba website will be banned, as will any website which tries to inject malicious attacks in the Jobba data connection.
• Windows Server Webroot is installed which is a behavior and signature-based anti-virus/anti-malware program. This security program will monitor any program’s behavior and can detect malicious attempts to open and encrypt files. In the eventuality that the Webroot program cannot immediately identify the source or is not able to kill the malware, the files will be first backed up in such a way that they are out of reach of the malware. Webroot professionals can then be called to retrieve the saved data and identify the malware. In any case, the data can be restored from backup.
• In addition to the advanced monitoring that Google Cloud provides, we have provided for a separate and independent monitoring architecture which actively receives notifications and assesses information for any issues. These issues are then sent to Jobba Trade Technologies development team as notifications of untoward events. The goal is that we find the problem before our customers do and can remove any bottle necks or performance issues in and outside of the Jobba application when needed.
