Skip to Content

Jitterbit security

Overview

Harmony delivers powerful integration tools and services through Jitterbit's multi-tenant cloud integration platform, called Harmony. Previous versions of Jitterbit required organizations to deploy and manage Jitterbit software and integration projects on internal network infrastructure or dedicated private clouds. With Harmony, Jitterbit can now assume any or all of these responsibilities.

These pages are included in this topic:

These additional resources related to security are also available:

Frequently asked questions

Q: What auditing is in place for the Harmony portal?

A: Deployment audit is available. Jitterbit has an extremely robust logging mechanism that exposes everything along the integration path. These logs can be freely inspected by authorized users or used by a Jitterbit operation to highlight what is of interest.

Q: Do you provide message encryption?

A: Yes, two-way SSL support is provided by Jitterbit. Jitterbit also provides AES support. Additionally, Jitterbit has a PGP encryption plugin that can be used to encrypt messages.

Q: Is transport-level security with certificate validation supported?

A: Yes. This can be done via SSL.

Q: Can user authentication be performed using domain authorization, or must it be through the internal user database?

A: Jitterbit does provide domain authorization for file source/target and for database access. User authentication can be made via domain auth to access database endpoints. Domain auth cannot be used to access Jitterbit private agents. It is possible to do an LDAP transformation to disable users, but the password cannot be set from the operation if it is a "create" (we use our private key).

Q: What password controls are in place?

A: Password policies for Harmony are controlled within the Organizations page of the Management Console. The password control features are set for each individual organization separately. Only an Administrator for the organization has access to revise the password controls. See Organizations for specific details on password controls.

Note

Password controls for organizations using single sign-on are managed through the Identity Provider.