At JackDB, our highest priority is to provide a secure environment for your data that meets and exceeds all industry-standard security practices and guidelines. The following is an overview of the steps we take to secure your data.
If you have any questions or feedback about this document, contact us at firstname.lastname@example.org.
JackDB runs on Amazon Web Services (AWS), a cloud computing platform. AWS stores data over several large-scale data centers and builds their services in accordance with security best practices.
More information on AWS's security can be found here.
JackDB uses SSL/TLS for all data transfer between your browser and our servers. We default to using strong cipher suites and enable Perfect Forward Secrecy (PFS) when it is supported by your browser.
Passwords are filtered from our server logs and one-way encrypted using bcrypt.
JackDB temporarily caches your query results. Result caches are encrypted using the AES-256 standard, with a random encryption key for each connection.
JackDB uses your database credentials, e.g., users and passwords, to connect to your database. All database credentials are encrypted using the AES-256 standard and decrypted only when we connect to your database.
We do everything possible to safeguard your privacy and protect your data from unauthorized access. Your data is never exposed to the public.
JackDB offers two-factor authentication for your account with time-based one-time passwords (TOTP) and authentication codes.
All credit card processing is handled by Braintree, a validated Level 1 PCI DSS Compliant Service Provider. Your payment information is sent directly to Braintree and is never stored on our servers.
More information on Braintree's security can be found here.
Our PGP key is linked to below. All sensitive communications and security-related emails from JackDB will be signed with this key. You may also use this key to encrypt your communications with JackDB.
Key Fingerprint: 4700 BE13 C72A 1DB9 E4D6 ACA2 DE2B 523C FF38 3F32