Security

Because of the sensitivity of client data, JNN Group understands security is of the utmost importance to our clients.

| CONFIDENITIALITY

All JNN Group’s employees and consultants sign, and are subject to, a Confidentiality Agreement.

Packing slips, coded to the particular project, are sent to the client for inclusion in data shipments to ensure data is posted appropriately and segregated from other client data. Data received by JNN Group is opened only by a designated media intake personel, and logged.

The JNN Group processing and data center is physically secured, and accessible only by keycard by authorized personnel. A secure fire/shock/heatproof safe in the data center stores sensitive information and backup data. JNN Group uses a combination of real-time monitoring and logging of the network, operating system, firewalls, web servers, database servers, network routers and switches. IT staff are automatically notified, with escalation to our support group. Hardware-based intrusion detection and network monitoring and sniffing are real-time. 

| CLIENT SECURITY

All client connections to JNN Group are SSL encrypted with a 128 bit symmetric key and a 4096 bit public key.

User passwords are required to be at least 8 characters long, and must contain at least one number and one symbol. Passwords are stored hashed (SHA 256) and salted, and never in plain text.

| DATA SECURITY

At JNN Group headquarters, all data is stored on encrypted drives (Bit Locker), and can only be accessed via strong, revolving passwords by JNN Group engineers.

Hosted data is stored on managed servers owned and controlled by Codero, a market leader in secure, man- aged hosting with data centers in Arizona, Illinois, Missouri, Texas, Virginia, the UK, and the Netherlands. These data centers are SSAE No. 16 SOC 1 / SAS 70 Type II certified. In the UK, our data center is additionally Tier 3, ISO27001, Impact Level 3 approved with GSI connectivity. Client data can be exclusively hosted in international datacenters in the UK or mainland Europe upon request.

All data transferred from JNN Group headquarters to managed servers is sent via SCP (SSH- 2), and stored on encrypted drives (Bit Locker). Data access to these managed servers is limited to JNN Group engineers over secure remote desktop. Physical access to these servers is limited to Codero technicians, and all data center access is logged and biometrically secured. In the event of theft or unauthorized access by Codero technicians, all drives are encrypted making data inaccessible.

| DATA BACKUP

Data is backed up from managed servers to JNN Group’s headquarters (offsite) nightly. Data is transferred by SCP (SSH-2) and stored on encrypted drives (Bit Locker).

| REGULATORY COMPLIANCE

JNN Group’s clients, past and present, include U.S.-based companies with facilities across the globe, as well as foreign corporations with a presence in the U.S.

Our consultants tailor clear, consistent processes and a technical infrastructure to manage discovery quickly and efficiently, and in compliance with foreign privacy and data protection provisions.

JNN Group is very experienced in helping global corporations meet the unique practical challenges inherent in the preservation, collection and production of data stored outside the U.S. through actionable recommendations and plans tailored to the client’s immediate and anticipated business, litigation and regulatory needs.

JNN Group is able to bring this perspective to litigation and investigation readiness seasoned by our years of experience in litigation response for multinational companies. We’ve helped these companies prepare formal, documented frameworks and repeatable business processes for e-discovery assessment, analysis and response planning tailored to data protection and privacy schemes across the globe.

JNN Group is certified and abides by the principles of the Safe Harbor framework outlined by the U.S. Department of Commerce for collection, use, and retention of data from the European Union, as described at the web site http://www. export.gov/safeharbor. A copy of the certification is available upon request.

As this certification notes, in the ordinary course of JNN Group’s business, we do not typically collect personal data. JNN Group may, however, receive personal data from parties who have already collected and are in possession of such information. Therefore, to the extent permitted, and in accordance with the Safe Harbor Agreement, JNN Group does reserve the right to process personal data in the course of providing service to its clients without necessarily notifying the individuals involved. However, JNN Group does not use personal data for any other purposes, and will only share such information at the lawful direction of the client.

In the unusual event that JNN Group does collect personal data directly from individuals, such individuals are informed about the type of information collected, the purpose and use for which it is collected, and the types of non-agent third parties to which JNN Group will disclose the personal data. These individuals are notified about the choices and means that JNN Group offers individuals to limit the data’s use and disclosure.