Enterprise-Grade Security

Your Data Security is Our Priority

Jambi Core is built with security at its core. From row-level data isolation to break-glass access controls, we protect your most sensitive humanitarian data.

Security Features

Multiple layers of security protect your data at every level

Row-Level Security

Every query is automatically filtered at the database level. Organizations can never accidentally access each other's data, even at the API layer.

End-to-End Encryption

All data encrypted at rest (AES-256) and in transit (TLS 1.3). Encryption keys are unique per organization.

Multi-Factor Authentication

Required MFA for all users with support for authenticator apps, SMS, and hardware security keys.

Audit Logging

Complete audit trail of all data access and modifications. Immutable logs with tamper detection.

Protection Case Security

Enhanced security for GBV and child protection cases with break-glass access and supervisor approval workflows.

Automatic Backups

Continuous backups with point-in-time recovery. Geo-redundant storage across multiple regions.

Sensitive Data Protection

Special Handling for Protection Cases

GBV and child protection cases require extra security. Jambi Core provides multiple layers of protection specifically designed for sensitive humanitarian data.

  • Restricted access to authorized protection staff only
  • Break-glass procedure with supervisor approval
  • Automatic access expiration after 24-72 hours
  • Complete audit trail of all access attempts
  • Online-only access (no offline caching)
  • Redacted views for unauthorized users
-- Protection case access check
SELECT * FROM cases
WHERE type IN ('gbv', 'child_protection')
AND (
-- User has protection role
has_role('protection_officer')
OR
-- User has break-glass access
has_active_break_glass(user_id, case_id)
);
⚠ All access logged to audit_logs

Compliance & Certifications

We maintain industry-standard certifications and compliance

SOC 2 Type II

Annual audit of security controls

certified

ISO 27001

Information security management

certified

GDPR Compliant

European data protection

compliant

Core Humanitarian Standard

Humanitarian quality standards

aligned

Protection Measures

Comprehensive protection across all aspects of the platform

Access Controls

  • Role-based permissions with 11 predefined roles
  • Customizable permission sets per organization
  • Time-limited access grants for sensitive cases
  • IP allowlisting for additional security

Data Protection

  • Data residency options (EU, US, Africa)
  • Right to deletion and data portability
  • Anonymization tools for reporting
  • Automatic data retention policies

Incident Response

  • 24/7 security monitoring
  • Automated threat detection
  • 1-hour response time for critical incidents
  • Regular security drills and updates

Request Our Security Documentation

Get access to our detailed security whitepaper, penetration test reports, and compliance documentation.