Data Security at Juro

Keeping your data safe

Our infrastructure

Juro operates on servers that comply with strict international standards. These standards include ISO 27001, ISO 9001, ISO 27017, ISO 27018, C5, Cyber Essentials Plus, DoD SRG, FedRAMP, FIPS, PCI DSS Level 1, SEC Rule 17-a-4(f), SOC1, SOC2 and SOC3.

Access to infrastructure at Juro is securely controlled via VPN. Access to critical third party software providers used by Juro are limited to VP-level employees only and protected by 2-factor authentication.

Data is stored in the EU region by default on AWS servers and is continuously backed up. Our data centres are protected by physical access controls, intrusion and fire detection systems and 24/7 professional security staff. Authorised staff must pass two-factor authentication a minimum of twice before accessing data centre floors. Visitors are continually escorted on the premises.

Connections to Juro are encrypted using 256-bit SSL with integrity assured by the SHA2 ECDSA algorithm.

Document security

All contracts are version controlled by AWS S3 by defaults, so there’s a permanent trail not only on the database level but also on the storage level. All connection details (including passwords) are encrypted when stored on our servers.

Juro’s audit trail delivers a permanent record of transactions in Juro incorporating IP addresses and user information. Documents are timestamped backed up instantly by AWS services. Customer and activity data and audit trail is backed up on an automated basis every 6 hours and stored in AWS. Managed MongoDB instances are protected by 2-factor authentication and can be encrypted on demand.

Monitoring

We have continuous resource and infrastructure access monitoring in operation 24/7, 365 days a year. Any alerts generated by our monitoring system are sent to senior team members immediately and actioned. Juro uses various third parties (including Sqreen.io and Cloudflare) for vulnerability testing and app protection (WAF).

Training and audits

Regular third party audits are conducted at Juro to ensure we use the latest technologies and best practices to protect data. All employees at Juro are trained in data security and are bound by strict confidentiality provisions.

Security testing is an essential part of our quality assurance process when releasing updates or new features. All of our people are trained in these development processes prior to joining Juro as full time employees.

Data privacy

Our servers on AWS comply with applicable EU data protection laws and the AWS Data Processing Agreement incorporates the Article 29 Working Party Model Clauses.

See our Privacy Policy for more information.

Additional security options

By default, Juro offers leading data security technologies and procedures. However, should customers wish to enhance this further we offer additional security options. These include:

  • Complex passwords
  • 2-factor authentication for authentication and contract counterparties identification
  • SSO
  • Region-specific data hosting (by default, data is stored within the EU but we also offer the ability to host your data in the US)
Powered by Juro
Richard Mabey, CEO of Juro.com
Hello! The security of your data is a top concern for us at Juro. Please let us know if you have any questions or additional requirements.