Clientjoy takes measures to avoid & nullify attempts by third-parties to compromise data of users of Clientjoy. This document details the measures that we have taken while building & deploying the software.
Clientjoy is a complete client life-cycle software for modern teams and agencies that allows them to manage their Leads, Proposals, Invoices and Payments in one place.
API authentication happens with OAuth 2.0 for both client & user access. At code level, CSRF, Form tampering, SQL Injection and XSS prevention have been deployed. Cloud Flare is used as Firewall. Network is SSL encrypted. Data access happens through multi-factorauthentication and data is encrypted in transit & at rest.
The environment that hosts Clientjoy maintains multiple certifications for its data centers, including ISO 27001 compliance, PCI Certification, and SOC reports. For more information about their certification and compliance, please see this.
Our infrastructure will run on systems that are fault tolerant, for failures of individual servers or even entire data centers.
Customer Data will be stored redundantly at multiple locations in our hosting provider’s data centers to ensure availability. We have well-tested backup and restoration procedures, which allow recovery from a major disaster. Customer Data and our source code are automatically backed up nightly. In case of a misbehavior, the Operations team is alerted in real-time and back-up is automatically deployed.
We place strict controls over our own access to the data. We have technical controls and audit policies in place to ensure that if any, access to Resources is logged. We do a review of these policies routinely every 90 days along with security audits.
All of our employees and contract personnel are bound to our policies regarding Customer Data and we treat these issues as matters of the highest importance within our company.
Web connections to Clientjoy will be via TLS 1.2 and above. We support forward secrecy and AES-GCM, and prohibit insecure connections using SSL 3.0and below or RC4.
All files at rest & in-transit are encrypted using 256-bit Advanced Encryption Standard (AES).