Security Is Our Priority

Julep’s focus on data security is integral to your organization’s long-term success. From the physical security at our offices to the multi-layered security approach at our data centers, our top priority is keeping your information safe.    

For more information about Julep’s security features, please click here.

Julep is built on the best practices from the PCI Security Council.

Best Security Practices

Using the standards established by the PCI Security Council, Julep follows the best practices of information and cyber security to keep your fundraising and donor data safe.

  • All data is backed up hourly to disks/hard drives and replicated to an off-site recovery point.

  • Full backups of data are stored for 6+ months.

  • Physical devices are decommissioned by a third-party service that certifies the destruction by either shredding or degaussing.

  • Alerts and notifications identify, manage, and block threats and external malicious sources.

  • Intrusion detection sensors detect and review logins to monitor for suspicious behavior.

  • Connections to Julep are secured and encrypted, which is indicated when browsers display “https” in the url.

Julep makes automatic backups of your data. | JulepCRM.com

Automatic Backups & Disaster Recovery

Julep’s backup systems take hourly snapshots of your data and replicate them in multiple locations using private links. Several months of full data back-ups are retained for all Julep clients. Testing verifies the projected recovery times for restoring data as well as checking the integrity of the restored data. When physical drives are retired, all data is destroyed through a certified process from a third party.

Discover How Julep Can Help You.

Contact us to set up a personalized tour of the fresh CRM for nonprofits.

Julep Platform Security

Security Testing and Assessments

Before releasing updates or features, the Julep team tests all code for security vulnerabilities. Networks and systems are regularly scanned for vulnerabilities and assessed for risks including:

  • Application vulnerability threat assessments

  • Network vulnerability threat assessments

  • Selected penetration testing and code review

  • Security control framework review and testing

Security Monitoring

Julep monitors notifications from alerts and internal systems to identify, manage, and block threats and external malicious sources.

Network Protection

  • Perimeter firewalls/edge routers block unused protocols.

  • Internal firewalls segregate traffic between the application and database tiers.

  • Intrusion detection sensors detect and review logins to monitor for suspicious behavior.

Secure Transmission and Sessions

Connection to Julep is via TLS 1.2 using step-up certificates from GeoTrust. This ensures that there is no unencrypted traffic on the network, which is indicated when browsers display “https” in the url. Individual user sessions are identified and re-verified with each transaction, using a unique token created at login.

Caging & Data Entry

The Julep team applies the same standards from the PCI Security Council to our caging and data entry departments. When receiving card numbers in hard copy form, they are handled in secure and monitored environments, including:

  • Physical credit card numbers are blacked-out and stored safely after transactions are processed through Julep’s integration with Anedot.

  • Credit card numbers are never written or stored in our software or hardware, and extensive penetration tests are conducted on our systems.

  • Digital images are taken of all checks.

  • All physical documents submitted by donors are archived for three years..

Physical Security at Julep Offices | JulepCRM.com

Physical Security at
Julep Offices

Julep makes every effort to secure the physical premises of our office and caging facilities. These security standards include:

  • Separate biometric access control to enter caging facility and offices

  • Video surveillance throughout the offices and caging facility

  • Dedicated mail intake room, opening and sorting room, document scanning room, and data entry room with their own biometric access and video surveillance

  • Tracking of asset removal

Secure Data Centers

The Julep CRM and your data are maintained at a secure, offsite data center that maintains SSAE 16 Type II compliance. This top-tier data center provides carrier-level support, including:

Physical Safety

  • Building engineered for local seismic, storm, and flood risks

  • Dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression

  • Humidity and temperature control

  • Redundant (N+1) cooling systems, CPS/UPS systems, and diesel generators with on-site diesel fuel storage

  • Redundant power distribution units (PDUs)

  • VESDA (very early smoke detection apparatus)

Physical Security

  • 24-hour manned security, including foot patrols and perimeter inspections

  • Biometric scanning and card readers for access

  • Dedicated concrete-walled data center rooms

  • Computing equipment in access-controlled steel cages

  • 360-degree video surveillance throughout facility and perimeter

  • Tracking of asset removal