General information on security policy
Protect Seatti's information and IT resources (including, but not limited to, all computers, mobile devices, network equipment, software, and sensitive data) from all internal, external, intentional, or incidental threats and mitigate risks associated with theft, loss, misuse, damage, or abuse of these systems;
Ensuring the protection of information from any unauthorized access. Users may access only those resources for which they have special access authorization. The assignment of privileges must be strictly controlled and regularly reviewed.
Confidentiality of information
Protecting the confidentiality of information. When we talk about confidentiality of information, we are talking about protecting the information from disclosure to unauthorized persons.
Ensuring INTEGRITY of information. The integrity of information refers to the protection of information against changes by unauthorized persons.
Maintaining the AVAILABILITY of information for business processes. Availability of information refers to ensuring that authorized parties can access the information when needed.
Compliance with legal requirements
Compliance and, wherever possible, adherence to national legal and regulatory requirements, standards and best practices.
Maintenance of business operations
Developing, maintaining and testing business continuity plans to ensure we stay on track despite any obstacles we may encounter. It's all about "keeping calm and moving on".
Information security awareness
Raise awareness of information security by providing information security training to all employees. Security awareness and targeted training must be consistent, responsibility for security must be reflected in job descriptions, and compliance with security requirements must be expected and accepted as part of our culture.
Protection of employees
Ensure that no action is taken against employees who disclose information security concerns through reporting or direct contact with the IT Security & Compliance Administrator, unless such disclosure indicates beyond a reasonable doubt an unlawful act, gross negligence, or repeated intentional or willful disregard of regulations or procedures.
Report all actual or suspected information security breaches to Security@seatti.co.