We take the security of your account very seriously, and we believe in sharing high level information about our security program so you can understand all the ways that we protect your data. While we’ve intentionally omitted detailed information about our program (to avoid providing intelligence to bad actors), we’re always happy to answer additional questions—get in touch.

Data center

  • Our platform is hosted and managed within Amazon’s secure data centers and utilize the Amazon Web Services (AWS) technology via Heroku.
  • By using Heroku, we’re able to take advantage of their infrastructure management, scaling, DDOS mitigation, and security technology, so that we can focus on our software and your data.

Application security

  • Account passwords are hashed. We can’t view them, so if you forget your password it must be reset.
  • Your connection to Jilt is encrypted (TLS 1.2)
  • We routinely scan our applications for vulnerabilities and security issues, and promptly remediate any issues.
  • Account Data is mirrored using write-ahead logs and shipped to multi-datacenter, high-durability storage.

Internal security

  • Our team is trained in modern security practices and we use the principle of least privilege, meaning team members only access to systems based on the needs of their role.
  • We’ve established a comprehensive insurance program that includes (but is not limited to) coverage for a wide variety of business, technology, and security issues.