Juro's network and infrastructure security

At Juro, we take the security of your data seriously.

We know that our customers use Juro to collaborate on some of the most sensitive documents in their business.

That’s why we invest considerably in network security measures designed to keep your data safe. Keep reading to find out more about our network and infrastructure security.

Encryption

All data transmission between the Juro application and customer endpoints is encrypted using industry-standard transport layer security (TLS) protocol. TLS provides end-to-end encryption to protect data even if a server between the source and destination is compromised.

Juro uses TLS versions 1.2 and 1.3 only and checks its TLS setup daily. According to the Qualys SSL Server Test, Juro currently holds an A+ grade.

When data is at rest in Juro, it is encrypted using 256-bit advanced encryption standard (AES). This is a symmetric encryption algorithm that uses a 256-bit secret key to encrypt and decrypt data. It is widely used by organizations worldwide, including by US government agencies to protect classified information.

Firewalls

We use AWS security groups and Kubernetes network policies to ensure the security and control of our systems. By leveraging AWS security groups, we are able to define inbound and outbound rules that regulate access to our resources, enhancing their protection against unauthorized access.

Additionally, Kubernetes network policies provide further control over traffic within our Kubernetes clusters, allowing us to define specific rules for communication between pods.

Together, these measures contribute to a robust infrastructure that create strong safeguards for our applications and data.

Intrusion prevention

We use the comprehensive security features of AWS Web Application Firewall to provide robust protection for the Juro application.

By leveraging the advanced capabilities of AWS Web Application Firewall, we ensure that our application remains highly secure and has best-in-class protection from threats.

Penetration testing

We regularly engage independent security experts to conduct penetration testing of the Juro application to identify vulnerabilities.

In addition to the regular schedule of penetration testing, we conduct additional tests whenever any significant application changes occur that affect security.

We monitor the outputs and recommendations of these tests, and prioritize and address issues identified in accordance with our vulnerability management program.

Vulnerability scanning

We conduct regular scans of our code to identify known vulnerabilities. You can find out more about the code scans we conduct in our article on application security.

Please get in touch with us if you have further questions around our network and infrastructure security - fill out the form below, or contact us at support@juro.com.