Organizational Measures. (a) Employees Employees follow a security awareness training program on a yearly basis, including detection of social engineering, phishing, password management etc. They are required to apply a strong password policy and to use a password manager to limit password reuse. Multi-factor authentication is required whenever possible, including on the tools that Reveal develops to operate the service.
Organizational Measures. 2.1 Security plan and document
Organizational Measures. The implementation and operational effectiveness of all below controls are mandatory. The below organizational measures are derived from Our Third-Party Information Security Risk requirements, which align to leading industry standards. Control Title Control Description Reference to Industry Standard Implemented? (Yes/No)
Organizational Measures. A. Information Security Governance Data importer has established a personnel structure for information security governance, including but not limited to, a designated employee with overall responsibility for information security government (e.g., a chief information security officer) and other personnel with assigned roles and responsibilities for information security. Roles and responsibilities have been formally defined for all members of the information security team and have been documented.
Organizational Measures. We take strict measures to ensure that privacy is upheld and do our best to help our clients do the same with strict privacy features, the ability to turn off all logging and or anonymize IPs. Only support/developers have access to account users’ information to be able to better support the user, along with fixing issues if they arise. If the EU is the only selected PoPs within an account, all data will flow through our EU locations, without any data being transmitted outside of the EU. The same applies with EU Storage, data stored on our Edge Storage Zones would only be held within the EU and would not be transferred outside, unless configured to do so. We evaluate all companies we work with to make sure they adhere to all GDPR laws and data protection requirements. We keep all raw logs within memory which is removed every 20-30 seconds, so no data is kept past that time.
Organizational Measures a. IT security policy Security policies are shared with all staff, they are reviewed following incidents and are updated periodically. A policy on the acceptable use of corporate assets and their safekeeping is available.
Organizational Measures. (i) Employee security incident detection: All relevant employees are instructed on the detection and reporting of security breaches (e.g., lost computer hardware, anti-virus software alerts).
Organizational Measures. 1) The Participant must follow the Rules for Participation in Lion Heart Utopia – Olympic Cross Triathlon and any other regulations of the Organizer as may be applicable, in addition to the race regulations, the official race program/ race information;
Organizational Measures. 1.1. Submittable has appointed one or more security officers responsible for coordinating and monitoring the security rules and procedures.
Organizational Measures. Clear responsibilities: Internal responsibilities for data security issues are defined. • Confidentiality requirements of employees: Employees are obliged to maintain secrecy be- yond the duration of their employment. In particular, employees may only transfer personal data to third parties upon the express instruction of a supervisor. • Training and information activities: Employees are trained on data security issues (internally or externally) and adequately informed about data security issues (such as password secu- rity). • Orderly termination of employment relationships: Upon termination of an employment rela- tionship, all accounts of the leaving employee are immediately blocked for that employee and all keys of the leaving employee are collected. • Management of computer hardware: Records are kept on the distribution of end devices to specific employees (e.g., PC, laptop, mobile phone). • Input control: Control procedures are implemented to control the accuracy of personal data. • No duplicates of user accounts: Each person should have their own user account — the shar- ing of user accounts is prohibited.
