Security and confidentiality

With Jalios, these are not options.

With over 500 customer references and 2.6M users, Jalios counts many organisations among its customers for whom data security is a major issue.

Whether in healthcare, banking and insurance, industry or public services, the Jalios solution meets the most stringent requirements in terms of security and confidentiality.

The main security challenges

1. Protection of sensitive data

An intranet or digital workplace can contain a large amount of sensitive data, such as customer information, financial data, or intellectual property. We can help you implement robust security measures to protect this data from unauthorised access, leaks, or cyberattacks.

2. Managing user identities and access

With many users accessing your Jalios platform from a variety of devices and locations, it is essential to put in place identity and access management strategies to ensure that only authorised people have access to the appropriate data and functionality.

3. Protection from internal and external threats

Internal threats, such as accidental leaks or malicious acts, as well as external threats such as malware attacks and unauthorised users, are potential dangers to the health and security of Digital Workplace systems.

We deploy incident detection and response strategies to deal with these threats.

4. Compliance with legal regulations

Our intranets, collaboration platform and digital workplace comply with many data security regulations and compliance standards, such as the RGPD (General Data Protection Regulation) for the European Union. Ensuring that our digital workplace meets these requirements is crucial to avoid financial penalties and protect the organisation’s reputation.

Our solution makes it easy for you to comply with security regulations, in line with current legislation and the requirements of the European Union’s GDPR.

We adopt best security practices in line with the “Responsibility” principle established by ANSSI.

Our solution incorporates the application protection mechanisms recommended by OWASP standards.

Security by design

Processes at all levels

Jalios implements security at the application, infrastructure and physical levels, with processes that ensure the security of its products throughout their lifecycle.

  • A dedicated cross-functional team,
  • Awareness-raising and training for all Jalios employees,
  • Reliable processes and security patches,
  • Regular audits with intrusion tests,
  • A dedicated community for customer CISOs.

An ANSSI CSPN-certified solution available in the SecNumCloud region

Jalios is the first collaborative solution to obtain CSPN certification in 2021 for its JPlatform technical foundation. The management of sensitive data is one of the pillars of development in Jalios’ strategy.

  • Jalios is a winner of BPI France’s SecNumCloud qualification scheme, which is part of France 2030’s cloud acceleration strategy,
  • The solution is already available in the SecNumCloud region on the 3DS Outscale marketplace,
  • The SecNumCloud solution has been chosen by DINUM, AMF, INSEE and many other customers,
  • The Jalios teams are also committed to ISO 27001 certification.

ISO 27001 certification coming soon

At Jalios, we are proud to announce that we are currently in the process of obtaining ISO 27001 certification for our entire organisation, including Jalios SA (PLC) and Jalios GmbH (Ltd.). This certification process demonstrates our commitment to information security and to maintaining high standards of data protection at all levels of our business.

Digital sovereignty

Rely on resilience and diversity with Jalios

A 100% French publisher for over 20 years, Jalios offers a sovereign and independent solution that is not subject to extraterritorial laws (Cloud Act, Patriot Act, etc.). For Jalios, sovereignty goes much further, and sovereignty of choice is built into the very architecture of the solution:

  • With JServices, you can choose your suppliers for uses such as: office automation, cartography, translation, AI and many other services,

These elements guarantee you total control over your data, even when you use third-party services.

The NIS 2 directive

Jalios helps you to manage your sensitive data more effectively

Thanks to its architecture and design, the Jalios Digital Workplace acts as a true governance platform and strengthens the security of your organisation. It thus addresses the requirements imposed by the new NIS 2 directive.

  • 21.2.a: Information systems security and risk analysis policies,
  • 21.2.d: Supply chain security,
  • 21.2.g: Cyber safety and cybersecurity training,
  • 21.2.i: Security of human resources, access control policies and asset management,
  • 21.2.j: Multi-factor or continuous authentication solutions, secure voice, video and text communications and secure emergency communication systems.

Participating in the national and European cyber ecosystem

Jalios products offer a wide range of security features to meet the needs of organisations. As a member of the Hexatrust association, Jalios is part of the national and European cyber ecosystem specialising in the protection of sensitive data. In addition, Jalios holds ANSSI CSPN certification and can interface with several benchmark cybersecurity solutions.

RGPD and data privacy

Jalios considers data protection to be essential and is fully committed to complying with regulations, including the RGPD (or GDPR in English).

As a software publisher, and unlike some consumer solutions, Jalios does not make commercial use of the data on its customers’ platforms: you own your data and can retrieve it at any time.

For customers who need to manage confidential and personal data on their platforms, whether intranets, digital workplaces, extranets or corporate social networks, etc., Jalios offers a wide range of solutions. Jalios implements numerous tools and functionalities to help them comply with the RGPD.

Contact our teams to find out more.

Questions / Answers

What is the CSPN?

The Certification de Sécurité de Premier Niveau (CSPN), also known as the ‘ANSSI Security Visa’, is one of the certifications issued by the Agence nationale de la sécurité des systèmes d’information (ANSSI) for information technology products. The CSPN, introduced by the ANSSI in 2008, certifies that the product (software, operating system, appliance, hardware, etc.) has successfully undergone a security assessment by an assessment centre (CESTI) approved by the ANSSI.

CSPN consists of ‘black box’ tests carried out under time and deadline constraints. CSPN is an alternative to Common Criteria assessments, where cost and time can be an obstacle, and where the targeted level of confidence is lower. This certification is based on criteria, a methodology and a process developed by ANSSI.

SecNumCloud is a security qualification offered by ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information) to enhance the security of Cloud services. It applies to all cloud operators offering PaaS (Platform as a Service), IaaS (Infrastructure as a Service) or SaaS (Software as a Service) services.

SecNumCloud’s security requirements encompass a whole repository of best practices from a technical, operational and legal perspective. Compliance with these requirements is verified by auditing service providers (PASSI), who are also approved by ANSSI.

The NIS2 Regulation is an update of the NIS Directive adopted by the EU in 2016. It was published in December 2020 and aims to strengthen cybersecurity in all EU Member States.

Highly ambitious, its implementation aims to enable thousands of entities to better protect themselves, particularly in sectors deemed essential to societal and economic stability. It is an opportunity to mobilise the national economic fabric and the public sector in a context of increased cyber threats.

The scope of the NIS2 directive addresses several key areas for strengthening cybersecurity defence and response capabilities:

  • Risk management and security measures: with risk management procedures and appropriate security measures to mitigate identified risks.
  • Incident reporting and handling: with specific protocols for reporting cyber incidents for rapid and detailed communication with the relevant national authorities.
  • Supply chain security: with dedicated procedures emphasising the interconnected nature of modern business operations.
  • Cybersecurity training and awareness: with regular training and awareness programmes to foster a culture of cybersecurity at all levels of the organisation.

Adopted in May 2018, the GDPR strengthens and unifies the protection of individuals’ personal data within the EU, setting out specific obligations to ensure the protection of data that is entrusted to organisations.

It applies to any organisation, public or private, that processes personal data on its behalf or otherwise, as long as it is established in the European Union or directly targets European residents. The GDPR also applies to processors who process personal data on behalf of other organisations.

The regulation defines:

  • Personal data as ‘any information relating to an identified or identifiable natural person’.
  • Processing of personal data as ‘any operation or set of operations which relates to personal data, by whatever means’.