Security

Keeping your data secure is the highest priority at JackDB.

Security is of paramount importance.

At JackDB, our highest priority is to provide a secure environment for your data that meets and exceeds all industry-standard security practices and guidelines. The following is an overview of the steps we take to secure your data.

If you have any questions or feedback about this document, contact us at security@jackdb.com.

Physical data center security

JackDB runs on Amazon Web Services (AWS), a cloud computing platform. AWS stores data over several large-scale data centers and builds their services in accordance with security best practices.

More information on AWS's security can be found here.

Secure connections and data in-transit

JackDB uses SSL/TLS for all data transfer between your browser and our servers. We default to using strong cipher suites and enable Perfect Forward Secrecy (PFS) when it is supported by your browser.

Secure storage and data at-rest

Passwords are filtered from our server logs and one-way encrypted using bcrypt.

JackDB temporarily caches your query results. Result caches are encrypted using the AES-256 standard, with a random encryption key for each connection.

Encrypted database credentials

JackDB uses your database credentials, e.g., users and passwords, to connect to your database. All database credentials are encrypted using the AES-256 standard and decrypted only when we connect to your database.

Privacy

We do everything possible to safeguard your privacy and protect your data from unauthorized access. Your data is never exposed to the public.

For more information, please see our privacy policy.

Two-factor authentication

JackDB offers two-factor authentication for your account with time-based one-time passwords (TOTP) and authentication codes.

Secure payment information

All credit card processing is handled by Braintree, a validated Level 1 PCI DSS Compliant Service Provider. Your payment information is sent directly to Braintree and is never stored on our servers.

More information on Braintree's security can be found here.

PGP

Our PGP key is linked to below. All sensitive communications and security-related emails from JackDB will be signed with this key. You may also use this key to encrypt your communications with JackDB.

JackDB Public PGP Key

Key Fingerprint: 4700 BE13 C72A 1DB9 E4D6 ACA2 DE2B 523C FF38 3F32