We are a Saas client and are looking to expand our usage of JitBit.
How should we approach the security of the content stored in JitBit on our account? We understand that if a user, technician, or administrator's ID/password is compromised, unauthorized access to our data in JitBit could occur. However, we would like to know how the platform protects our data from web spiders, bots, worms, and hackers who might attempt to extract data from websites. It is important to us that our hosted content in JitBit remains unsearchable and inaccessible.
Thank you for your inquiry regarding the security of your content in JitBit.
Rest assured, no data within the Helpdesk application can be accessed without proper authentication through a valid login and password (with the exception of the knowledge base, which can be made publicly available if you permit it in the settings). Our system is designed to prevent unauthorized access effectively.
We have implemented robust security measures to protect against automated attacks. For instance, if a bot or worm attempts to "guess" password combinations, our application will detect this behavior and block the corresponding IP address for over 20 minutes. This makes "brute-forcing" a password virtually impossible, as it would take an unfeasibly long time to succeed.
Additionally, our application is equipped with an attack-detection mechanism that identifies dangerous HTTP requests, which may contain cross-site scripting (XSS) or SQL injection attempts, as well as uploads of suspicious files. In such cases, we will also block the IP addresses of users exhibiting suspicious behavior.
Furthermore, we utilize CrowsdSec across our servers, a community-driven platform that proactively publishes known dangerous IP addresses before they can attempt any attacks against us. Finally, we are protected by CloudFlare CDN, which adds another layer of security. We utilize their enterprise pricing plan for enhanced protection (more information can be found at CloudFlare).
If you have any further questions or concerns, please do not hesitate to reach out. We are here to help!