- christie catherineAsked on April 22, 2014 at 12:18 PM
I am an admin in the IT department at KKR Logistics. We are a supply chain solutions provider and are evaluating Saas solution for our internal use. While evaluating JotForm, we had the following questions. Would appreciate if you could provide the following information: 1. If a customer leaves the service, do you erase all the data associated with the customer? - Also do you allow the customer to download the data?
2. Does your site allow App user to create role based authentication policies?
3.Does your app provide Admin Audit Logs, User Data Logs and Data Access Logs?
4. Does your app support Ip filtering? can you allow/deny access to certain IP addresses to your Saas file?
5. We wanted to find out if you encrypted (or supported encrypting) the data we store in your app (in your database, file store, etc)?
- JotForm SupportTitusNAnswered on April 22, 2014 at 02:07 PM
No, we never delete data - and yes - we allow our users to download their data at will using our download apps among other methods.
Your other questions will be responded to shortly.
- JotForm SupportTitusNAnswered on April 22, 2014 at 03:33 PM
2. You can create profiles with different privileges using our platform - but you may not be able to integrate it with an active directory or a domain management for user policies. You may, however, want to consider trying Jotform Anywhere.
3.Yes it does through the user panel http://www.jotform.com/myaccount/history
4. We can do this upon request on our backend - but IP filtering affects the entire system - so its mostly about security, not functionality - You could, however, embed the form on your website which would have an IP filtering policy.
5. We support encryption through our SSL certificate, with which you can access your data using a secure/encrypted link. We also support exporting your data to encrypted locations through a range of data and financial integrations.
My answers were quite generic, and I apologize if I misunderstood your questions.
Please feel free to respond if you need further clarification.
- christiecatherineAnswered on April 23, 2014 at 01:51 AM
Thank you for all the information provided below. It helped me out in understanding security provided by you. Before proceeding further regarding purchasing subscription, I would like to know your product in little detail.
If you can provide me answers to them that will be great help.
1. Does your app have any Enforceable best practices for passwords?- Also Does your app provide 2-factor or multi-factor authentication ?
2. Do you have a disaster recovery plan - Do you publish this plan?i.e. if one of your data centres goes down in a geographic region will we instantly be back up and our data immediately available?
3. Does JotForms have any certifications? (SAS70, SOC1, PCI, ISO, SafeHarbor, etc)
4. What type of encryption is used to protect data at rest?
5. Do you support encrypting our data with a key we manage and provide?
6. Do you allow us to classify our data in your app into different categories such as public, confidential, proprietary, etc so that we can set different retention/etc policies on them?
7. Does your app support file sharing? If supports, what is the file capacity?
- JotForm SupportjonathanAnswered on April 23, 2014 at 03:41 AM
Please refer to answers to your inquiry accordingly.
#2. Yes, we do have disaster recovery plan. I believe it is not publicly publish.
Unfortunately, I will not be able to provide you much more details about that since that is a back-end process. Our higher team support will be more suited to provide information on that.
#3. To my knowledge JotForm do not have PCI and HIPAA certificates.
#4 and #5. JotForm support SSL encryption
#7. There are integration Apps capable of file sharing.
Hope this help.
If you have further similar inquiry, I suggest you send an e-mail instead to firstname.lastname@example.org so that the appropriate people will be able to provide the appropriate data/info you seek.
- JotForm SupportsteveAnswered on April 07, 2015 at 04:04 PM
Do let us know if you have any questions!