Shared Responsibility Model for Jama Software® and Jama Connect® Cloud-hosted Customers

Amanda Jennewein
Amanda Jennewein
  • Updated

Published Date: August 9, 2024

Validated: Yes

Audience: Everyone

Products and Versions Covered:

  • Cloud/CVC
  • Jama Connect®

Summary

This document outlines the shared responsibilities between Jama Software® (as the cloud provider) and our customers regarding security, application management, and data within our cloud-based web applications. We use Amazon Web Services (AWS) for our infrastructure to ensure a secure and dependable platform.

Resolution

Jama Software® Responsibilities

  • Secure Infrastructure: Jama Software® is responsible for securing the underlying infrastructure supporting our web application, including network security and the operating systems of the cloud environment.
  • Application Security: Jama Software® is responsible for securing the core application code and the platform it runs within the AWS environment. This involves conducting regular vulnerability scans, applying patches, and implementing industry best practices for application security.
  • Data at Rest: We use AWS security features to encrypt your data at rest in cloud storage.
  • Disaster Recovery & Backups: We maintain robust disaster recovery and data backup procedures to ensure business continuity in case of unforeseen events.
  • Service Level Agreements (SLAs): We provide Service Level Agreements (SLAs) that ensure a specific level of uptime for our web application.

Customer Responsibilities

  • Data Security: Customers are responsible for the security of their data within our web application, including:
    • User Access & Permissions: Managing user access and permissions in our web application to ensure appropriate access levels.
    • Activity Monitoring: Monitoring user activity within the application for any suspicious behavior.
    • Session Timeouts: Setting session timeouts appropriately to reduce the risk of unauthorized access (available in Jama Connect 9.25).
  • Secure Use Practices: Customers are responsible for training their users in security practices, such as strong password management and avoidance of phishing attempts.
  • Reporting Security Incidents: Please report any suspected security incidents or vulnerabilities to our Customer Support team as soon as possible.

IMPORTANT: This shared responsibility model upholds our commitment to data privacy and security. We strive to provide a secure and reliable platform for your cloud-based web application needs.

Additional Resources 

 

Related to

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.