# Security

### Overview

Jam's security infrastructure meets enterprise standards with SOC 2 Type II compliance, end-to-end encryption, and robust cloud protection. Your data stays secure while your team stays productive.

### Security Certifications

Jam is compliant with **SOC 2 Type II** with annual audits and quarterly vulnerability assessments. 

| Security Certification | Status                         |
| ---------------------- | ------------------------------ |
| **SOC 2 Type II**      | :white\_check\_mark: Compliant |
| **GDPR**               | :white\_check\_mark: Compliant |
| **HIPPA**              | `Soon`                         |

### Enterprise Security Features

{% hint style="info" %}
Available to workspaces on our [Enterprise](https://jam.dev/pricing) plans.
{% endhint %}

<table data-view="cards"><thead><tr><th></th><th></th><th data-hidden data-card-target data-type="content-ref"></th></tr></thead><tbody><tr><td><strong>Single Sign-On</strong></td><td>Connect Jam with your existing identity provider for seamless authentication.</td><td><a href="sso">sso</a></td></tr><tr><td><strong>Audit Logs</strong></td><td>Monitor key workspace activities with comprehensive audit logs.</td><td><a href="audit-logs">audit-logs</a></td></tr><tr><td><strong>Custom Data Retention</strong></td><td>Control how long Jams stay in your workspace with custom deletion schedules.</td><td></td></tr><tr><td><strong>Access Controls</strong></td><td>Control default access for all existing and new Jams created by your team</td><td><a href="access-controls">access-controls</a></td></tr></tbody></table>

#### Enable Enterprise Security Features

Contact our sales team to upgrade to Enterprise. Work with our team to configure SSO, audit logs, and retention policies. Begin using enhanced security features immediately after setup

<a href="https://jam.dev/contact-sales" class="button primary">Contact</a>

### Security Monitoring

#### Request SOC 2 Report

Email <security@jam.dev> with your request\
Include your company information and intended use. Our team will verify your qualifications and provide the report.

#### Report Security Issues

Email <security@jam.dev> with details. \
Our security team responds as quickly as possible. We'll keep you updated throughout the investigation process

### FAQs

<details>

<summary>Where is my data stored?</summary>

All data is stored in Google Cloud Platform's Central US region with Cloudflare providing global CDN services.

</details>

<details>

<summary>How often does Jam perform security testing?</summary>

We conduct quarterly vulnerability scans and annual penetration tests as required by SOC 2 Type II compliance.

</details>

<details>

<summary>Does Jam have intrusion detection systems?</summary>

Jam uses Cloudflare for attack prevention and Google Cloud Platform (GCP) firewalls for infrastructure protection. Since our network is fully managed by GCP, we don't run separate IDS/IPS systems.

</details>

<details>

<summary>Does Jam have a bug bounty program?</summary>

We don't currently offer a bug bounty program, but we welcome security reports at <security@jam.dev> and respond promptly to all submissions.

</details>