Security
JobKred is committed to providing you with best-in-class security, integrations and features
that ensure
the successful implementation and delivery of our products and services.
Your Security is Our Priority
JobKred understands the need for is committed to high standards for compliance, security, and accessibility of our corporate and customer systems. Our actions in these areas of governance are designed to minimize risk to our customers while maintaining robustness and availability of our technology in accordance with contracted service levels for our customers.
Security
Access Authentication
JobKred supports SAML 2.0 and SSO integration. Application access is controlled by customer defined groups based on configurable permissions. Corporate and customer data is only accessible by users with appropriate authority
SAML and SSO integrations
Security assertion markup language makes use of the same Identity provider which we saw in OpenId, but it is XML based and more flexible. The recommended version for SAML is 2.0. SAML also provides a way to achieve Single SignOn(SSO), user can make use of the Identity provider URL to login into the system which redirects with XML data back to your application page which can then be decoded to get the user information. We have SAML providers like G Suite, Office 365, OneLogin, Okta etc
Encrypted Data
JobKred uses industry-standard TLS and AES to encrypt data in-transit and at-rest. Encryption keys for JobKred attachments, stored in S3, are managed by AWS.
Physical Protection
JobKred hosts data in AWS, utilize state-of-the-art electronic surveillance and multi-factor access control systems. It is guarded every minute by trained security guards, and access is authorized very strictly. Environmental systems are designed to minimize the impact of disruptions to operations.
External Security Audit
JobKred’s application has been audit by an external cybersecurity company (ECC) for vulnerability assessment and penetration testing (VAPT). A variety of technologies, tools, and techniques are employed by the ECC to provide broad coverage against various types of threats.
Data Protection
JobKred is Personal Data Protection Act (PDPA) compliant under Singapore Law, and is currently working towards being General Data Protection Regulation compliant.
Data Backup
We utilise multiple backup methods such as snapshots, Google Cloud Storage and AWS to periodically backup data. As part of our Disaster Recovery Plan, we also do regular recovery tests.
Privacy Policy
JobKred goes to great extend to ensure clients’ data are kept confidential and private. We have extended documentation which explains in great details how our security infrastructure is managed, how we handle data and also our privacy policies.
JobKred supports SAML 2.0 and SSO integration. Application access is controlled by customer defined groups based on configurable permissions. Corporate and customer data is only accessible by users with appropriate authority
SAML and SSO integrations
Security assertion markup language makes use of the same Identity provider which we saw in OpenId, but it is XML based and more flexible. The recommended version for SAML is 2.0. SAML also provides a way to achieve Single SignOn(SSO), user can make use of the Identity provider URL to login into the system which redirects with XML data back to your application page which can then be decoded to get the user information. We have SAML providers like G Suite, Office 365, OneLogin, Okta etc
Encrypted Data
JobKred uses industry-standard TLS and AES to encrypt data in-transit and at-rest. Encryption keys for JobKred attachments, stored in S3, are managed by AWS.
Physical Protection
JobKred hosts data in AWS, utilize state-of-the-art electronic surveillance and multi-factor access control systems. It is guarded every minute by trained security guards, and access is authorized very strictly. Environmental systems are designed to minimize the impact of disruptions to operations.
External Security Audit
JobKred’s application has been audit by an external cybersecurity company (ECC) for vulnerability assessment and penetration testing (VAPT). A variety of technologies, tools, and techniques are employed by the ECC to provide broad coverage against various types of threats.
Data Protection
JobKred is Personal Data Protection Act (PDPA) compliant under Singapore Law, and is currently working towards being General Data Protection Regulation compliant.
Data Backup
We utilise multiple backup methods such as snapshots, Google Cloud Storage and AWS to periodically backup data. As part of our Disaster Recovery Plan, we also do regular recovery tests.
Privacy Policy
JobKred goes to great extend to ensure clients’ data are kept confidential and private. We have extended documentation which explains in great details how our security infrastructure is managed, how we handle data and also our privacy policies.