Security & Compliance
Live status of our security posture and controls.
SOC 2 Type II
Audited by Deloitte. Report available upon NDA.
Data Residency
US-East (N. Virginia) & EU-West (Frankfurt).
Uptime SLA
99.99% Guaranteed for Access Control API.
Data Encryption
JMX employs strict encryption standards for all data. Data in transit is encrypted via TLS 1.3. Data at rest (including access logs and user PII) is encrypted using AES-256 GCM. Keys are managed via AWS KMS with automatic rotation.
Email Delivery Security
To prevent spoofing and ensure delivery of critical alerts, JMX enforces:
- SPF/DKIM: Strict alignment for all sending domains.
- DMARC: 'Reject' policy enforced to protect tenant domains.
- MTA-STS: Enforced TLS for mail transport.
Physical Security
JMX utilizes Tier-4 data centers (AWS/GCP). Physical access is restricted to authorized personnel with biometric authentication. We do not maintain on-premise servers for tenant data.
Vulnerability Management
We conduct quarterly penetration testing and maintain a private Bug Bounty program. Critical patches are applied within 24 hours of release.