Versions Compared

Old Version 4

changes.mady.by.user Ryan Heathcote

Saved on

compared with

New Version 5

changes.mady.by.user Ryan Heathcote

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The CloudCard “Information Security Policy” is comprised of this policy and all CloudCard policies referenced and/or linked within this document.

<

It is the goal of CloudCard that:

  • Information will be protected against unauthorized access or misuse.

  • Confidentiality of information will be secured.

  • Integrity of information will be maintained.

  • Availability of information / information systems is maintained for service delivery.

  • Business continuity planning processes will be maintained.

  • Regulatory, contractual and legal requirements will be complied with.

  • Physical, logical, environmental and communications security will be maintained.

  • Infringement of this Policy may result in disciplinary action or criminal prosecution.

  • When information is no longer of use, it is disposed of in a suitable manner.

  • All information security incidents will be reported to the Managing Director and investigated through the appropriate management channel. These reports will be brought to the Product Owner in order to address the current problem and devise a new plan.

 

Information relates to:

  • Electronic information systems (software, computers, and peripherals) owned by CloudCard whether deployed or accessed on or off campus.

  • CloudCard’s computer network, both in the cloud and on campus.

  • Hardware, software and data owned by CloudCard.

  • Paper-based materials.

  • Electronic recording devices (i.e. camera systems).

  • Customer data obtained by CloudCard

>

Scope

This policy applies to the use of information, electronic and computing devices, and network resources to conduct CloudCard business or interact with internal networks and business systems, whether owned or leased by CloudCard, the employee, or a third party. All employees, contractors, consultants, temporary, and other workers at CloudCard and its subsidiaries are responsible for exercising good judgment regarding appropriate use of information, electronic devices, and network resources in accordance with CloudCard policies and standards, and local laws and regulations.

...

All users are required to report known or suspected security events or incidents, including policy violations and observed security weaknesses. Incidents shall be reported immediately or as soon as possible by sending an email to : security@cloudcard.us.

In your email please describe the incident or observation along with any relevant details.

...