You own and control your data. We protect and defend it.
Our commitment to recruitment agencies, staffing firms and talent acquisition teams
To be transparent about our operations, policies and technologies
To ensure the security, compliance and privacy of your data
To support and empower the privacy decisions of every single user
Information security certifications
We’re proud that JobAdder has achieved internationally recognised ISO 27001:2013 certification. This standard demonstrates JobAdder’s commitment to global best practice, having implemented a robust approach to protect your data. JobAdder is audited regularly to maintain the accreditation status.
We use Amazon Web Services (AWS) as our host operating system in the cloud. Security and compliance is therefore a shared responsibility between AWS and JobAdder. We’re responsible for securing your data, while AWS is responsible for securing the infrastructure that hosts it. Amazon’s data centre operations have been audited and certified under:
SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
PCI Level 1
Federal Information Security Management Act – Moderate
Data centre locations
While JobAdder has global reach, your data is stored locally. Our data centres are hosted with AWS. AWS architecture ensures that data doesn’t migrate beyond a geographic boundary and complies with data regulations, including GDPR. Find out which data centre is relevant to your business on the map below.
High technical and physical security
Resilience to disasters and data loss
Energy efficiency and sustainability
JobAdder uses Cloudflare for WAF (web application firewall) and DDoS (distributed denial-of-service) mitigations
AWS Network Load Balancer restricts access to only required ports/services
AWS security groups are utilised for network segmentation on a least access model
Application server operating systems hardened to provide only necessary ports, protocols, services and applications as part of the baseline standard build
CAIQ (Consensus Assessments Initiative Questionnaire) and pen-tests are available on request. To view JobAdder’s Penetration Test Policy, please click here
Web and application servers run on the latest version on a hardened Windows Server Linux AMI
Windows updates, hotfixes and service packs are applied promptly
Port blocking is set at the network setting level
RDP connection encryption level is set to high and only accessible via VPN connection
Unnecessary services are disabled
Windows Defender and Crowdstrike are enabled and set to be updated daily
Logs are shipped to New Relic for monitoring and alerting
For a full list of JobAdder’s Security FAQs, please click here
JobAdder is cloud-based to ensure data is securely encrypted and stored in AWS data centres
Data can be restored from backup and regular backups take place nightly and weekly
In the case of any unforeseen incidents Disaster Recovery and Business Continuity Plans are in place, as part of our ISO27001 certification
JobAdder utilises AWS multiple Availability Zones (AZ) to remain resilient in the face of most failure modes
JobAdder has two AZs in each region and tests are conducted regularly to ensure different disaster scenarios are mapped and planned for
JobAdder has a Multi-Factor Authentication (MFA) feature, which requires two proofs of identity (JobAdder password and authenticator app code on the user’s mobile) to grant access to your JobAdder account.
Single Sign-On (SSO) is available for increased security. JobAdder integrates with a third-party SaaS product, Auth0, which supports a range of enterprise authentication mechanisms, including OpenID Connect (OIDC) and Security Assertion Markup Language (SAML):
Subprocessors JobAdder uses third-party subprocessors to assist in the service we provide. Read the full list of subprocessors here.
JobAdder is committed to providing high availability and is transparent with customers about this, which means you can visit our status page anytime to quickly see if the JobAdder platform, or any related services, are experiencing any degradation. You can also see our standard Service Level Agreement (SLA) here.