What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.

At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.

We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.


  • Profile Image

    We have some questions as part of our security audit

    Asked by Madan  on November 05, 2016 at 01:16 AM

    Dear Team

    This is Madan. The Jotform userid/account we use is TMI

    i have a links created for a Project to my client.The client is asking for the below information as part of the security Audit. could you please help me with the information

     

     

    1)      If any security testing (VA / PT) has happened on the Application/links

     

    2)      Location of IT Hosting for Application and servers used for storage of documents methods used

     

    3)      methods used Purging of documents

     

    4)      Security Controls at Jotform for protection of documents

     

    Thanks & Regards

    Madan

    Manager - Network

    TMI Group

     

     

    information
  • Profile Image
    JotForm Support

    Answered by Welvin on November 05, 2016 at 11:35 AM

    Is it the account with username TMI under the domain http://tminetwork.com/? To answer your questions:

    1. As far as I know, we have been pen tested before and just recently, a vulnerability assessment was made by whitehat individuals and all glitches that have been reported have been patched already. 

    2. We have servers in US and UK. EU users have the option to store their form data to our EU servers (https://www.jotform.com/eu-safe-forms/). We used Amazon S3 for File Uploads. 

    3. We have backend tool that can delete user's data in one click. Users who would like to delete their data can go to the form submissions page: https://www.jotform.com/help/269-How-to-view-Submissions. We also have the following tools that can be used to delete form's data:

    http://apps.jotform.com/app/auto_delete_submissions

    http://apps.jotform.com/app/search_and_delete

    4. All files have the combination of the username, form ID, and the submissions ID. With just this, the files are already secured from public access, but assuming that it's not shared elsewhere. Also, under the privacy settings, form owners has the option to restrict download for them only.

    https://www.jotform.com/myaccount/settings

    I do hope the above answers your questions. Let us know here if you have a follow up question(s).

  • Profile Image

    Answered by Madan  on November 05, 2016 at 11:44 PM
    Dear Team
    Thank you for the response, yes this is account of TMI
    Could you share us the final report of the assessment or some audit certificate of the report, it will help me to share to the client
    Thanks & Regards
    Madan
    Manager - Network
    TMI Group
    Sent from my iPhone
    ...
  • Profile Image
    JotForm Support

    Answered by Welvin on November 06, 2016 at 05:11 AM

    I am not sure if we have the report, but let me ask this to our higher ups. I'll let you know.