Security Policy

Company cybersecurity policy template

This Company cybersecurity policy template is ready to be tailored to your company’s needs and should be considered a starting point for setting up your employment policies.

Policy brief & purpose

Our company cybersecurity policy outlines our guidelines and provisions for preserving our data and technology infrastructure security.

The more we rely on technology to collect, store and manage information, the more vulnerable we become to severe security breaches. Human errors, hacker attacks, and system malfunctions could cause great financial damage and may jeopardize our company’s reputation.

For this reason, we have implemented several security measures. We have also prepared instructions that may help mitigate security risks. We have outlined both provisions in this policy.

Scope

This policy applies to all our employees, contractors, volunteers, and anyone who has permanent or temporary access to our systems and hardware.

Policy elements

Confidential data

Confidential data is secret and valuable. Common examples are:

  • Unpublished financial information
  • Data of customers/partners/vendors
  • Patents, formulas or new technologies
  • Customer lists (existing and prospective)

All employees are obliged to protect this data. In this policy, we will give our employees instructions on how to avoid security breaches.

Protect personal and company devices

When employees use their digital devices to access company emails or accounts, they introduce security risks to our data. We advise our employees to keep both their personal and company-issued computers, tablets, and cell phones secure. They can do this if they:

  • Keep all devices password protected.
  • Choose and upgrade a complete antivirus software.
  • Ensure they do not leave their devices exposed or unattended.
  • Install security updates of browsers and systems monthly or as soon as updates are available.
  • Log into company accounts and systems through secure and private networks only.

We also advise our employees to avoid accessing internal systems and accounts from other people’s devices or lending their own devices to others.

When new hires receive company-issued equipment they will receive instructions for:

  • [Disk encryption setup]
  • [Password management tool setup]
  • [Installation of antivirus/ anti-malware software]

They should follow instructions to protect their devices and refer to our [Security Specialists/ Network Engineers] if they have any questions.

Keep emails safe

Emails often host scams and malicious software (e.g. worms.) To avoid virus infection or data theft, we instruct employees to:

  • Avoid opening attachments and clicking on links when the content is not adequately explained (e.g. “watch this video, it’s amazing.”)
  • Be suspicious of clickbait titles (e.g. offering prizes, advice.)
  • Check email and names of people they received a message from to ensure they are legitimate.
  • Look for inconsistencies or give-aways (e.g. grammar mistakes, capital letters, excessive number of exclamation marks.)

If an employee isn’t sure that an email they received is safe, they can refer to our [IT Specialist.]

 

Transfer data securely

Transferring data introduces a security risk. Employees must:

  • Avoid transferring sensitive data (e.g. customer information, employee records) to other devices or accounts unless necessary. When the mass transfer of such data is needed, we request employees to ask our [Security Specialists] for help.
  • Share confidential data over the company network/ system and not over public Wi-Fi or private connection.
  • Ensure that the recipients of the data are properly authorized people or organizations and have adequate security policies.
  • Report scams, privacy breaches, and hacking attempts

Our [IT Specialists/ Network Engineers] need to know about scams, breaches, and malware so they can better protect our infrastructure. For this reason, we advise our employees to report perceived attacks, suspicious emails, or phishing attempts as soon as possible to our specialists. Our [IT Specialists/ Network Engineers] must investigate promptly, resolve the issue and send a companywide alert when necessary.

Our Security Specialists are responsible for advising employees on how to detect scam emails. We encourage our employees to reach out to them with any questions or concerns.

 

Affinity Giya

Compare0

              Terms & Conditions

              Demati supplies products listed on the Demati, and Demati websites, and in our stores under the following Terms and Conditions. Please read these Terms and Conditions, and our Privacy and Cookie Policies carefully before using any of our websites, or ordering from us.

              The Terms and Conditions apply to your use of any Demati website and to any products you purchase from them; regardless of how you access the website, including any technologies or devices where our website is available to you at home, on the move or in store

              We reserve the right to update these Terms and Conditions at any time, and any updates affecting you or your purchases will be notified to you, by us in writing (via email), and on this page.

              The headings in these Conditions are for convenience only and shall not affect their interpretation.

              We recommend that you print and keep a copy of these Terms and Conditions for your future reference...