Confidentiality of Data

As outlined in the Information Security Standard, the JFrog Platform has a CIA (Confidentiality-Integrity-Availability) classification of 2-3-3. All users must ensure that only data appropriate to this classification is stored in JFrog.

Key guidelines:

• Do not store anything classified as Secret.
• Do not store passwords, tokens, or keys.
• Do not store any PII (Personally Identifiable Information). PII definitions vary by country; if you are operating in the EU, ensure compliance with GDPR.

These examples are not exclusive, view policy portal to learn what is permitted in a particular classification.