DATA PROTECTION
Users are required to protect company information and systems regardless of the
device utilized and/or network/Wi-Fi used to access and are bound by this policy
regardless of if information/systems are accessed through company owned
equipment/networks/Wi-fi or not.
Secured networks must always be used when accessing company information
and/or systems.
Data Security Threats/Phishing Attacks:
The risk of an unauthorized party accessing our systems and/or information is
extremely high and new unique attempts occur regularly. Phishing attacks are the
most common and regular threat. Phishing attacks are the practice of sending
fraudulent communications, usually through email, appearing to come from a
reputable source, to steal sensitive data (e.g., personal information, credit cards,
logins, passwords) or to install malware on the victim's machine.
Preventing Security/Data Breaches:
We consistently update and add additional security measures to prevent harmful
activities on our systems and access to our data/information. Our operating systems
have breach prevention tools in place and notifications if something suspicious
occurs. We perform daily backups of our systems and data stored. In addition, we
randomly send out internal (not harmful) phishing emails, designed to train
employees on what to look for and how to prevent a security/data breach.
Employees and system users also need to take every measure to protect our data
security. Users can protect our data and systems by:
Choosing and updating strong and unique passwords to systems
Not clicking on suspicious links in emails or on websites
Not opening emails from unknown senders
Staying up to date on ways to prevent security/data breaches
Reporting Data Security Breaches:
If an employee is made aware of a data security breach, they must notify their
manager and/or a member of our tech team as soon as possible to minimize risks
and unauthorized access to our information and/or systems.