Information Security Best Practices

    The Powered By Jumbo Platform is managed under best-practice Information Security Standards (ISO 27001). This standard helps shape our policy, procedures, and practices to protect the way we provide and enhance the PBJ Platform. The main goal of these practices is to protect the confidentiality, integrity, and availability of the platform and the data contained.

    Administration Console Best Practices

    As part of the Jumbo Platform capabilities, we provide an Administration Console to provide back-office tools to support its day-to-day operation.  The Administration Console provides access to information considered confidential such as customer personal information and sales data.

    PBJ client’s staff are provided access to certain functions within the administration console which controls what information administrators can see which could include managing user accounts.

    We’ve compiled a list of guidelines for users of the Administration Console centered around good security practices.  

    Guide For Administration Console Users

    • Passwords – Use a strong password that is not shared with any other account.  Never share or write down your password.  Always change your password immediately if you believe that your account has been compromised.
    • Two-factor Authentication – Enable 2FA on your account to greatly enhance the protection of your account from unauthorised use.  Enable this through your account settings menu.
    • Public Access – If you are accessing the Administration console of the platform avoid using shared or public computers/terminals.  If you do need to access from a shared computer it’s recommended that you have enabled Two-factor Authentication.
    • Sign out – Always sign out when you have finished using the system to ensure your account is protected from unauthorised use.

    Guidelines For Account Management

    • Individual Accounts – It is strongly recommended that all individuals have their own personal admin account. Sharing accounts between several users:
      • Removes transparency & the ability to audit administration actions.
      • This could lead to unauthorised access from unwanted individuals (eg previous employees).
    • Off boarding – Link procedures around off boarding employees (including role changes) in your organisation to permissions within the Administration Console.
    • User Audit – Regularly audit who has access to the Administration Console within your organisation and the permission levels that they are assigned.  We suggest this is conducted every 3-6 months. User auditing provides an additional check to ensure that the Off boarding processes are effective.
    • Audit Trail – Use the Audit Trail function to view the activity of administration users should activity need to be traced.
      Data Breaches – Reach out to the Jumbo Interactive Client Success team if you suspect a data breach has occurred.
    • Role Based Security – Setup your system roles and permissions such that users have the minimum required access to do their role.
    Was this article helpful?
    0 out of 0 found this helpful