JourneyApps has been designed with security considerations at its core.
For more information about our approach to security, please refer to the embedded Data Security White Paper below:
While JourneyApps takes every measure to make the platform secure, it is the application developer's responsibility to secure the application and integrations. This model is known as SSRM: Shared Security Responsibility Model. JourneyApps is responsible for protecting the platform that runs all the services that a customer makes use of. A customer's responsibility is determined by the components and features of the JourneyApps platform that they make use of. More information is provided below.
By default, applications in JourneyApps work on a single-tenant model, where every authenticated user has access to all data in the application. Even if the user does not have the ability to use the application to access data, an app's
OnlineDBAPIs expose access to all data in the deployment by default.
If greater isolation is required between data for different users, the following is required:
The application developer must ensure that API tokens are kept secure.