Our Firm’s cyber security policy outlines our guidelines and provisions for ensuring the security of our data and technology infrastructure.
The high dependency on technology to collect, manage and store information may make us more vulnerable to severe security breaches. Human errors, malicious attacks, and system malfunctions could cause prominent monetary damage or may result in jeopardising our Firm’s reputation.
Considering this, we have implemented several security measures implemented. We have also placed instructions and procedures that may help mitigate security risks. We have engulfed both provisions in this policy.
This Cyber Security policy applies to all our permanent and temporary employees, contractors, volunteers, and anyone who has permanent or temporary access to our systems and hardware.
Confidential data is secret and valuable to the Firm. Some common examples are:
All employees are obliged to protect this data. In this policy, we will give our employees instructions on how to how to abstain from security breaches.
Employees while using their digital devices to access the Firm’s emails or accounts may introduce security risks to our data. We regularly advise our employees to keep their personal as well as Firm-issued computers, tablets, and cell phones secure. They can do this if they:
We also advise our employees against accessing the Firm’s internal systems and accounts from other people’s devices or letting others access their devices.
When new hires or prevailing employees receive Firm-issued gadgetry, they may receive instructions for:
Emails often serve as a field to scams and malicious attacks. To avoid virus or data theft, we instruct employees to:
If an employee isn’t sure that an email they received is safe, they can refer to our Security Specialist.
Password security is of high priority as leakage of this can be most dangerous since it can compromise our entire infrastructure and data. Not only should passwords be strong so they won’t be easily hacked, but they should also remain secret. For this reason, we advise our employees to:
We even have services of a reputed password management tool in place which generates random strong passwords and stores them. Employees dealing with critical data are obliged to create a secure password from the tool itself, following the above-mentioned advice.
Transfer of data securely is among our top priorities as it is prone to security risk. Employees must:
Our Security Specialists need to know about scams, breaches, and malware immediately so they can better protect our infrastructure. We advise our employees to report perceived attacks, suspicious emails, or phishing attempts as soon as possible to our specialists. Our Security Specialists must investigate promptly, resolve the issue and send a Firm-wide alert when necessary.
Our Security Specialists are appointed for advising employees on how to detect scam emails. We encourage our employees to reach out to them with any questions or concerns.
To reduce the possibilities of security breaches, our employees are instructed to:
We also expect our employees to comply with our social media and internet usage policy.
Our Security Specialists should:
Our Firm will have all physical and digital shields to protect information.
Remote employees must follow this policy’s instructions too. Since they access our Firm’s accounts and systems remotely, they are obliged to follow all data encryption, protection standards, and settings, and to ensure their private network security.
We encourage them to seek advice from our Security Specialists.
Our employees are expected to follow this policy, and those causing security breaches may face disciplinary action:
We will examine each incident on a case-by-case basis.
Additionally, employees who are disregarding our security instructions and policy will face progressive discipline, even if their behaviour hasn’t resulted in a security breach.
Everyone, from our clients and partners to our employees, contractors, and vendors should be confident in their data safety. To achieve this, we have to proactively protect our systems and databases. Staying vigilant and keeping cyber security top of mind can all contribute to this.