cloud or desktop?

The jamovi project provides two main products, the jamovi cloud, and jamovi for desktop. This document is to help you decide which is right for you.

tl;dr

The cloud version is:

The desktop version is:

Privacy and the cloud

Just want the cloud privacy policy? it’s here.

A lot of people express concern about how data is stored in the jamovi cloud. In the following, we describe the security procedures in place, and ultimately make the case that the cloud version is probably more secure than the desktop version, or desktop software in general.

When people open a data file in the jamovi cloud, either by uploading one, or by opening it from an online location like OneDrive, the file is uploaded to our servers. This file is transmitted using industry grade encryption, the same encryption used to secure things like bank accounts. The data lives on our servers for the duration of the user’s session, in a safe location that other users cannot access. When the session ends, either by the user logging out, closing down all their tabs or windows, or by leaving their connection idle for some time, the data is purged from our servers. If the user is no longer using the data, the data is erased from our systems.

Further, all jamovi cloud services run in data centres in countries with reasonable data privacy laws; Australia, The Netherlands, Singapore, The United States, Canada, Germany, The UK.

We appreciate that some institutions insist that all user data remain on the individual’s devices, under the impression that this is more secure than using an online service like the jamovi cloud. The argument goes that if the jamovi cloud is targeted by hackers, then user’s data could be exfiltrated and leaked onto the internet. Every organisation’s risk profile is different, reflecting the value of the information they keep, and the sorts of threat actors they are up against. However in most cases, a web service like the jamovi cloud – a service developed and maintained by software professionals with a deep understanding of security – represents a more difficult target than an individual’s desktop computer. It has been demonstrated again and again that end users, subject to phishing attacks, or opening malicious email attachments, represent a far weaker link than the online services that might host their data.

Indeed, if we consider a user’s data residing in OneDrive, and accessing it using the jamovi cloud, the data is never present or vulnerable on the user’s local computer.

Having said that, we understand that in many cases, the decision to use a cloud service or not is not made by the people who want to use the software; but rather dictated by institution policy. In these situations, the desktop version may be the best option. However, the jamovi project does have a number of “On-premises” solutions in development, so keep an eye out for developments in that space.

Privacy and jamovi desktop

The desktop version of jamovi is entirely self-contained, and user’s data does not leave the device. While operating, the desktop version performs minimal connections to the internet, only doing so for the following reasons. 1. displaying the welcome screen 2. checking for available software updates 3. the user is browsing the jamovi library and installing modules. In all cases we do not store identifying information, and the final digits of IP addresses are not stored. The data is only used internally by the jamovi project to understand general trends and patterns in the use of jamovi.

support us