security policy
play

SECURITY POLICY Confidential Focal3 Softw are Pvt Ltd F3 _ Doc_ 0 - PDF document

Aug 29, 2022 •139 likes •279 views

F3 _ Doc_ 0 0 6 VER4 .0 Page 1 of 1 SECURITY POLICY Confidential Focal3 Softw are Pvt Ltd F3 _ Doc_ 0 0 6 VER4 .0 Page 2 of 2 Background Focal3 and its Customers provide Focal3 Agents with Confidential and Proprietary information

  1. F3 _ Doc_ 0 0 6 VER4 .0 Page 1 of 1 SECURITY POLICY Confidential Focal3 Softw are Pvt Ltd

  2. F3 _ Doc_ 0 0 6 VER4 .0 Page 2 of 2 Background Focal3 and its Customers provide Focal3 Agents with Confidential and Proprietary information (collectively, “Information”). It is very important that all of this Information be handled with great care to prevent the inadvertent or intentional disclosure to anyone other than an authorized party. For both its own and its Customers’ benefit, Focal3 is committed to protecting the security and confidentiality of all Information. To that end, this policy addresses the necessary and appropriate procedures for maintaining data security and confidentiality. Scope This policy governs the procedures followed by all business units of the company who encounter Confidential and Proprietary Information. Together with Focal3’ Employee Handbook and related Human Resources documents, these establish all of the guidelines for the use and protection of this Information. Definitions The following terms used within this Policy are defined as follows: Active Use The actual or planned use of Information within a one-year period. Agent Any full- or part-time employee, temporary or contracted employee, consultant, vendor, volunteer, director or other person who is provided access by Focal3 or a Customer to Information whether or not in exchange for wages, salary or other remuneration. Authorized Use A situation in which either Focal3 or a Customer has granted specific permission to use Information for a particular purpose. Blinding The process whereby Information is shielded from identification by removing any direct and indirect identifying information which would allow a third party to directly observe or indirectly reconstruct the identity of party to the Information. Confidential Focal3 Softw are Pvt Ltd

  3. F3 _ Doc_ 0 0 6 VER4 .0 Page 3 of 3 Classification Level Information is classified into one of three distinct levels as defined in the table below. The Classification Level determines the particular rules that govern the use, transmission, storage and disposal of the Information. By contrast, unclassified information (e.g., press releases, company address and phone) is fit for public consumption and has no rules for handling or protection, outside of appropriate business protocol. Representative Examples 1 Classification Level Level I - Information that necessitates the most Peer review data limited handling, is provided to individuals System passwords on a Need to Know basis only, and which, Confidential human resource when discarded, must be shredded or information otherwise destroyed in a manner that eliminates the practical ability to reconstruct that information from its component parts; Level II - Information that necessitates specific Blinded Customer data handling and that is provided to individuals Business plans and relationships on a Need to Know basis only, but which Proprietary analytic methods may be disposed of discreetly in a non- Blinded Customer case studies or Public trash can; analyses Level III - Information that is generally available to Sales presentation materials Focal3 Agents, but which is provided only Marketing Materials on limited terms to non-Agents; Com pany Confidential and Proprietary I nform ation Company Information includes, but is not limited to: analytic methods, software source code, research and software development methods, business plans and strategies, non-Public financial information and non-Public Human Resources information. In general, any information that is protected by regulation or law, that is deemed by Focal3 to be a proprietary component of one or more of its business units, that is not made publicly available by Focal3 and which Focal3 attempts to keep confidential in the routine course of its business is Information. 1 These examples are illustrative only and are specifically NOT meant to be all-inclusive. Confidential Focal3 Softw are Pvt Ltd

  4. F3 _ Doc_ 0 0 6 VER4 .0 Page 4 of 4 I nactive The lack of actual or planned use of Information within a one-year period. I nform ation Collectively, Confidential and/ or Proprietary Information of either Focal3, a Customer or an Agent of either party. Need to Know Need to know is defined as the requirement, as a part of a direct job function, for an Agent to have access to the particular Information under consideration. Public areas Public areas consists of all areas outside of Focal3, and within Focal3, those areas with high visitor traffic, namely lobbies, waiting areas, kitchens and any other Company areas specifically designated by the Executive Council as Public. Security Officer The Director of Technical Services, who will provide implementation and overall security monitoring for Focal3. System s Adm inistrator An Agent with access to and responsibility for computer systems administration and maintenance. A Systems Administrator is distinguished from other Agents by the need to have widespread access to secure systems and materials as a routine part of his or her job. For the purposes of this Policy, Database Administrators are considered to be System Administrators. Policy It is Focal3’ policy to both explicitly and implicitly protect Confidential and Proprietary Information (collectively, “Information”) from unauthorized access, use, dissemination, or disclosure. Procedures General Principles It is impossible to define every possible interaction between Agents and Information. Therefore, the following general principles should govern all Agent interactions with Information unless specific procedures exist to the contrary: • Obtain proper authorization from a Manager before accepting any Information; Confidential Focal3 Softw are Pvt Ltd

  5. F3 _ Doc_ 0 0 6 VER4 .0 Page 5 of 5 • When possible, avoid access to or possession of Information unless specifically required for the task; • Always keep Information for the shortest possible time required for the specific task at hand and then properly destroy or store that Information in accordance with the handling requirements; • Presume that others do not have proper authorization or the Need to Know unless proven otherwise; • Information may not be discussed in Public areas and may never be given to any party without proper Authorization for use; • When possible and reasonable, downgrade the Information to the lowest possible Classification Level consistent with your required task (e.g., by Blinding); • When Information of different Classification Levels is commingled, the entire Information bundle assumes the Classification Level of the highest individual component; • Information maintained for any purpose must be protected from accidental disclosure in accordance with the Information handling requirements; • Information may be removed from Company premises only for authorized business purposes and must be treated in the same manner as on-site data; by definition, family members do not have a Need to Know; • When it is not known whether or not information is Proprietary and Confidential, it should be presumed to be so until proven otherwise; Confidential Focal3 Softw are Pvt Ltd

  6. F3 _ Doc_ 0 0 6 VER4 .0 Page 6 of 6 I nform ation handling requirem ents by Classification Level • Confidential and Proprietary Information has specific handling requirements defined by its Classification Level as specified in the table below: Level Locations Mediums Active Use within Focal3: Electronic transport: password personal desk area when not protected, marked “Confidential”; immediately visible to encrypted and blinded unless it is unauthorized persons, or in a impractical or dysfunctional to do so; I closed room; Hard copy: always marked Active Use outside of Focal3: only “Confidential”; blinded when if required and concealed during possible; use of common area transit; all Information must printers discouraged -- must retrieve remain in direct, personal printing as soon as possible; possession at all times; Mail: item tracking required; Inactive: destroyed or maintained Fax: discouraged strongly; when in a locked storage area; required, must have a confirmed, Authorized User waiting on opposite end; Verbal: allowed via standard telephone or in proper locations; White Boards: must be erased when not in use. Active Use within Focal3: personal desk area or in a closed room; II Active Use outside of Focal3: only Same as Level I if specifically authorized and concealed during transit; all Information must remain in direct, personal possession at all times; Inactive: discarded in a non- Public trash can or maintained in a non-visible area; Electronic: encrypted or password protected when possible; Same as Level II Hard copy: concealed; Mail: regular U.S. mail allowed; III Fax: allowed without standby; Phone: allowed via standard telephone or in proper locations; White Board: erase as appropriate. Confidential Focal3 Softw are Pvt Ltd

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Document Hierarchy of Information Security Corporate Security Policy Policy General commitment

Document Hierarchy of Information Security Corporate Security Policy Policy General commitment

Document Hierarchy of Information Security Corporate Security Policy Policy General commitment to Information Security General commitment to Information Security Installation of CorpSec Enabling CSO Installing Information Security Standard

355 views • 8 slides
Update on Security Policy David Kelsey (RAL) 7 Mar 2010 Security Workshop @ ISGC 2010,

Update on Security Policy David Kelsey (RAL) 7 Mar 2010 Security Workshop @ ISGC 2010,

Update on Security Policy David Kelsey (RAL) 7 Mar 2010 Security Workshop @ ISGC 2010, Taipei david.kelsey at stfc.ac.uk Overview Why do we need security policies? Joint Security Policy Group (JSPG) Some history

408 views • 28 slides
Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies Sebastian

Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies Sebastian

Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies Sebastian Roth , Timothy Barron, Stefano Calzavara, Nick Nikiforakis & Ben Stock Network and Distributed System Security Symposium (NDSS '20) Cross-Site

878 views • 31 slides
and Advocacy in Alaska Outline: Framing Food Security/Insecurity Food Security in Alaska

and Advocacy in Alaska Outline: Framing Food Security/Insecurity Food Security in Alaska

Anti-Hunger Policy and Advocacy in Alaska Outline: Framing Food Security/Insecurity Food Security in Alaska Federal Policy and Advocacy State Policy and Advocacy SNAP FINI Grant Useful Reports Policy

852 views • 12 slides
US/UK DTCT Security Policy Requirements Jakki Baker/Martin Oram Defence Security Scientific,

US/UK DTCT Security Policy Requirements Jakki Baker/Martin Oram Defence Security Scientific,

US/UK DTCT Security Policy Requirements Jakki Baker/Martin Oram Defence Security Scientific, Technical and Industrial Directorate of Business Resilience Defence Security Security Protection The DTCT requires the Parties to provide an

387 views • 9 slides
Migration Policy Development Board 30/5/2019 Social Security Scheme - Briefing Social Security

Migration Policy Development Board 30/5/2019 Social Security Scheme - Briefing Social Security

Migration Policy Development Board 30/5/2019 Social Security Scheme - Briefing Social Security scheme overview Contributions States grant Social Security Fund Other contributory Pensions benefits 2 Social Security scheme

165 views • 14 slides
Enabling dynamic security policy in the Java security manager Fabien Autrel, Fr ed eric

Enabling dynamic security policy in the Java security manager Fabien Autrel, Fr ed eric

Outline Introduction JVM sandbox Modelisation Example and implementation Conclusion Enabling dynamic security policy in the Java security manager Fabien Autrel, Fr ed eric Cuppens, Nora Cuppens FPS2012 symposium October 26 th 2012

321 views • 20 slides
Problematizing Human Milk The case of Bogotas Food and Nutrition Security Policy Breastfeeding

Problematizing Human Milk The case of Bogotas Food and Nutrition Security Policy Breastfeeding

Problematizing Human Milk The case of Bogotas Food and Nutrition Security Policy Breastfeeding in Bogotas Food and Nutrition Security Policy 2007-2015 The global WHO + FAO Food security Food security exists when all people, at all

113 views • 9 slides
HOW TO WRITE AN INFORMATION SECURITY POLICY INTRODUCTION This section is intended to help you

HOW TO WRITE AN INFORMATION SECURITY POLICY INTRODUCTION This section is intended to help you

HOW TO WRITE AN INFORMATION SECURITY POLICY INTRODUCTION This section is intended to help you produce an information security policy. Some of the information contained here is of a particularly detailed and complex nature and may not, therefore,

469 views • 8 slides
Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework Yuru Shao ,

Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework Yuru Shao ,

Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework Yuru Shao , Jason Ott , Qi Alfred Chen, Zhiyun Qian , Z. Morley Mao University of Michigan, University of California Riverside 1 Security Policy

888 views • 22 slides
Privacy and Security: Policy and Tech Tim Bray tbray@textuality.com tbray.org @timbray

Privacy and Security: Policy and Tech Tim Bray tbray@textuality.com tbray.org @timbray

Privacy and Security: Policy and Tech Tim Bray tbray@textuality.com tbray.org @timbray +TimBray Links featured in this talk: goo.gl/ggrSBj Recent security blogging: tbray.org/ongoing/What/Technology/Security Photo: Wikimedia

727 views • 45 slides
Managing security policy in distributed systems Tim Moses 13 April 2004 v2 1 1 PDF created

Managing security policy in distributed systems Tim Moses 13 April 2004 v2 1 1 PDF created

Managing security policy in distributed systems Tim Moses 13 April 2004 v2 1 1 PDF created with FinePrint pdfFactory trial version www.pdffactory.com Agenda Definitions Motivation Policy models Policy languages Future w ork

226 views • 18 slides
Security Classification Policy Implementation in Policing Update Helen Edwards Head of

Security Classification Policy Implementation in Policing Update Helen Edwards Head of

Security Classification Policy Implementation in Policing Update Helen Edwards Head of Information Management March 2013 1 New Security Classifications From April 2014, the Government security classifications are changing.

173 views • 13 slides
Fo Food for though ght Review of the Dutch food security policy 2012-2016 Ferko Bodnr, IOB

Fo Food for though ght Review of the Dutch food security policy 2012-2016 Ferko Bodnr, IOB

Fo Food for though ght Review of the Dutch food security policy 2012-2016 Ferko Bodnr, IOB Food Security Exchange Wageningen, 31 May 2018 1 Presen entation o n outline ne 1. Food security, the global challenge 2. Dutch food security

222 views • 20 slides
Security Policy Update Mike Stanfield OSG Security Team OSG Council Face-to-Face October 11 th ,

Security Policy Update Mike Stanfield OSG Security Team OSG Council Face-to-Face October 11 th ,

Security Policy Update Mike Stanfield OSG Security Team OSG Council Face-to-Face October 11 th , 2019 OSG Security Team Security Team Members: Susan Sons, CACR Indiana University Adrian Crenshaw, CACR Indiana University Josh Drake,

113 views • 10 slides
PPI PENSIONS POLICY INSTITUTE Financial Security in Retirement Chris Curry Pensions Policy

PPI PENSIONS POLICY INSTITUTE Financial Security in Retirement Chris Curry Pensions Policy

PPI PENSIONS POLICY INSTITUTE Financial Security in Retirement Chris Curry Pensions Policy Institute CHASM Annual Conference 2014 18 July 2014 www.pensionspolicyinstitute.org.uk PPI Financial security in PENSIONS POLICY INSTITUTE retirement

563 views • 18 slides
Wha hat t are the e the cha hanges? nges? Presented by: Dineo Mphahlele Executive Manager:

Wha hat t are the e the cha hanges? nges? Presented by: Dineo Mphahlele Executive Manager:

FIC Amendment Act Wha hat t are the e the cha hanges? nges? Presented by: Dineo Mphahlele Executive Manager: Inspectorate FIC Amendment Act 1. Introduction 2. Risk-based approach 3. Risk Management and Compliance Programme(RMCP) 4. 7

608 views • 36 slides
Developing Secure Applications for IBM i Introductions Design and Documentation

Developing Secure Applications for IBM i Introductions Design and Documentation

Developing Secure Applications for IBM i Introductions Design and Documentation Application Ownership and Authority A Simple Security Model Integrity Considerations Resources for Security Officers Questions & Answers

1.06k views • 93 slides
H3C S3600 Series Switches Agenda Market Trends S3600 Overview S3600 Key Features V1. V1.5 New

H3C S3600 Series Switches Agenda Market Trends S3600 Overview S3600 Key Features V1. V1.5 New

H3C S3600 Series Switches Agenda Market Trends S3600 Overview S3600 Key Features V1. V1.5 New New Feat Feature IRF IRF RPS10 S1000 00-A Featu ature S re Summar mary End-to-End Intelligent Solution Summary www.h3c.com.cn 2

502 views • 48 slides
Botnets Leonidas Stylianou CS 682 23/04/2020 Lifecycle of a bot Infected host Botnet malware

Botnets Leonidas Stylianou CS 682 23/04/2020 Lifecycle of a bot Infected host Botnet malware

Botnets Leonidas Stylianou CS 682 23/04/2020 Lifecycle of a bot Infected host Botnet malware Botmaster controls becomes a bot and infects a host. the botnet. joins the botnet . Coordination of f bots with C&C server Bots query the

1k views • 58 slides
IT AUDIT AND SECURITY COMPLIANCE: WHERE TO FOCUS YOUR EFFORTS FOR 2014-15 IT Audit and Security

IT AUDIT AND SECURITY COMPLIANCE: WHERE TO FOCUS YOUR EFFORTS FOR 2014-15 IT Audit and Security

O'Connor & Drew, P.C. www.ocd.com @ocdcpa 1 IT AUDIT AND SECURITY COMPLIANCE: WHERE TO FOCUS YOUR EFFORTS FOR 2014-15 IT Audit and Security OConnor & Drew, P.C. www.ocd.com @ocdcpa Jake McAleer @johnjakem March 2014

848 views • 65 slides
WATCOM SOLUTIONS MEGA MALL www.watcom.ru AGENDA 1 5 ABOUT COMPANY SHOPPING INDEX 6 2

WATCOM SOLUTIONS MEGA MALL www.watcom.ru AGENDA 1 5 ABOUT COMPANY SHOPPING INDEX 6 2

WATCOM SOLUTIONS MEGA MALL www.watcom.ru AGENDA 1 5 ABOUT COMPANY SHOPPING INDEX 6 2 PEOPLE COUNTING SYSTEM FOCUS SYSTEM 7 3 PROJECT IMPLEMENTATION SHOPSTER 8 TRENDS AND ROADMAP 4 SALES FLOW SYSTEM www.watcom.ru ABOUT WATCOM 6

1.18k views • 72 slides
GFO-20-601 Pre-Application Workshop Blueprints for MD/HD ZEVs and ZEV Infrastructure Fuels and

GFO-20-601 Pre-Application Workshop Blueprints for MD/HD ZEVs and ZEV Infrastructure Fuels and

GFO-20-601 Pre-Application Workshop Blueprints for MD/HD ZEVs and ZEV Infrastructure Fuels and Transportation Division Katie Herter July 28, 2020 California Energy Commission 1 Housekeeping Muting on Zoom Zoom recording Questions

547 views • 39 slides
Winter Marketing Tune-Up Meet Your Enrollment Marketing Team Kurt Lewis , Director of

Winter Marketing Tune-Up Meet Your Enrollment Marketing Team Kurt Lewis , Director of

Winter Marketing Tune-Up Meet Your Enrollment Marketing Team Kurt Lewis , Director of Enrollment Marketing klewis@archchicago.org Noreen Walton-Valle, Marketing and Enrollment Manager, Vicariates 1 and 2 nwalton@archchicago.org

650 views • 63 slides

More recommend