Privacy and Security

Find out how Jama keeps your data protected


The status of our AWS environment is 100%

Latest Penetration Report

3rd Party Audit

Accuvant works with organizations to locate where effective security measures can be applied, provides a working knowledge of the best in class products and helps implement the final solution into the environment.

Download the latest full Security Assessment

At Jama, security is not an afterthought. We understand how important data security is to you and your customers, and we work hard to ensure that data security and privacy is a top consideration in all of our business operations. Here are some of the ways we protect your IP:

Vulnerability Scanning

Internally we scan our application for vulnerabilities on a quarterly basis. In addition to our own expertise within our Development, Quality and DevOps teams to provide our clients with a secure application, we contract with a third-party vendor that provides us with a detailed report once a year.

Existing customers may request this report via our support team, and potential customers seeking further information may request this document via the sales team.

AWS Cloud Platform

One of the core reasons we use Amazon’s AWS EC2 platform is the wealth of security experience Amazon has amassed over the years in building and growing AWS. Amazon’s AWS EC2 Platform is the gold standard not only for cloud applications, but also for application and data security. Amazon has successfully completed many security audits and is certified for some of the strictest and thorough standards.

Don’t take our word for it though. Amazon provides resources to expand on its certifications and third-party audits. For details on AWS certifications and accreditation, please visit

Data Protection


In addition to constantly monitoring our web application security, we utilize SSL certificates for all our web transactions, meaning that all data transferred between our clients and our application are encrypted.

Data Isolation

In Jama’s multi-tenant environments, customer data resides in a unique, separate database. In addition, stored passwords are encrypted. You may designate a physical location to store your users’ personal data. Jama offers hosted services in North America, Europe, Australia and Asia, with other locations available upon request.

Data Access

Only a select group of Jama employees have access to our production environments and only after undergoing thorough background checks. Each is contractually bound to maintain customer confidentiality and trained on the intricacies of handling sensitive data. Additionally, we further secure these environments by providing individual credentials for each of our admins and conducting regular audits of our access logs to proactively detect any misconduct.

Jama will provide customers a copy of their data upon request, as well as delete and restore data (including backups). Jama stores all updates for audit purposes.


The ISO 27001 standard covers requirements and details associated with security topics, including policy, organization, building, network management, compliance, access control and more. Jama’s security practices are based on this standard. For details on ISO and ISO27001, visit

Privacy Policy

Jama collects and uses information gathered via at several points. We only collect nonidentifiable information about site visitors—their IP addresses, which browser they use to access the site and their location, if possible. That’s it.

We use this information to compile reports on traffic patterns at the Web site. We collect this information through opt-in registration forms, click-stream tracking and automatic logging of anonymous visitor activity using Google Analytics. To try and use Jama, we require basic registration because we will need to communicate with you on an ongoing basis with information on upgrades, user guides, video tips and other educational content. Other information we request is optional. We use cookies on the company web site. A cookie is a small text file that our Web server places on a user’s computer hard drive to be a unique identifier. We use cookies as a convenience to our customers and repeat visitors, to eliminate the need for browsers to resubmit information when requesting product downloads, white papers and demo requests.

This policy was last updated January 1, 2014.

Information Usage

The Jama Website

Jama Software collects site visitor information to guide web site optimization and opt-in marketing best practices. Should you provide information and opt in to marketing, you will receive periodic email from Jama. Those who opt in might also receive additional announcements from us about product updates, services or the company newsletter. You may opt out at any time.

Product Usage Data

Our product team is committed and dedicated to providing the absolute best Jama experience. To support this initiative, we might ask to access your anonymized usage data. This is optional and completely opt-in. Analysis of this data will inform our data-driven product development. Please see the Usage Data FAQ for more information.


Email us: