Data is held in ISO-certified servers, protected by world-class infrastructure, practices and security.
Data at rest is encrypted using AES-256, and data in transit using TLS 1.2.
Josef applies automated, continuous vulnerability testing – including SAST and SCA – and independent, third party penetration testing.
Best coding practices and secure coding guidelines are applied.
Josef has undergone third party expert reviews to ensure compliance with privacy obligations, including the GDPR and the Privacy Act 1988 (Cth).