Data is held in ISO-certified servers, protected by world-class infrastructure, practices and security.
Data at rest is encrypted using AES-256, and data in transit using TLS 1.3.
Josef applies automated, continuous vulnerability testing – including SAST and SCA – and independent, third party penetration testing.
Best coding practices and secure coding guidelines are applied.
Josef has undergone third party expert reviews to ensure compliance with privacy obligations, including the GDPR and the Privacy Act 1988 (Cth).
“Data security and privacy of personal information were key considerations for us when choosing to work with Josef. The Josef team understands the importance of keeping confidential and personal data secure.”– Leigh Cooper, Director at Clean Energy Finance Corporation