Information Security will be managed by the following personnel: Personnel changes In the event of a change in role, a departure, or a new hire, oversight of the affected security policies will be transferred to the new information security personnel. Management of information technology systems will be transferred to the appropriate engineer. Barring no sudden...
Purpose: The Mobile Device Policy exists to ensure that Nested Knowledge protects from threats related to mobile devices. Scope: This document offers guidance for employees and contractors working with Nested Knowledge. Mobile Device Policy – Internal Systems Nested Knowledge does not provide employees or contractors with mobile cellular devices. Personnel are trained to avoid accessing...
Purpose This policy outlines our planning related to the implementation of advanced authentication of users who connect to Nested Knowledge information systems. We are committed to protecting the security, privacy, and integrity of Nested Knowledge information systems. Scope This policy affects all employees, contractors, consultants, and business partners of Nested Knowledge. Internal Company MFA Policy Nested...
Purpose: The purpose of this policy is to ensure that only authorized users gain access to Nested Knowledge’s information systems. Scope: This policy affects all employees of this Nested Knowledge and its subsidiaries, and all contractors, consultants, temporary employees and business partners. Employees who deliberately violate this policy will be subject to disciplinary action up...
Nested Knowledge will undergo penetration testing of its web application on an annual basis, unless this schedule is required to be revised by Nested Knowledge. An external security firm will test the web application to identify vulnerabilities. During the testing period, no software releases will be pushed, except releases with important bug fixes. Any vulnerabilities detected will...
I. Purpose The policy describe how Nested Knowledge uses photo and how Nested Knowledge ensures compliance with GDPR’s Data Protection requirements. II. Scope This policy affects all employees, contractors, and consultants of Nested Knowledge. II. Policy Legitimate interest Nested Knowledge shares photos of employees and contractors, a form of personal information, on our website. We...
Purpose The purpose of this policy is to ensure that exceptions to security policies are documented and approved through a formal exception process. Scope: This policy applies to all published Nested Knowledge information security policies. Employees and contractors must abide by this exception process. Policy An exception to an information security policy may be granted...
Nested Knowledge adheres to legal requirements for data protection and information security. Nested Knowledge is located in the United States. Nested Knowledge provides software to countries throughout the world, with the exception of countries sanctioned by the United States. GDPR Compliance Nested Knowledge adheres to the General Data Protection Regulation (GDPR). For details and technical controls,...
I. Purpose This policy ensures that development environments are secure and encourages the use of secure coding and development practices. Security needs to be considered at all stages of the development lifecycle from specification and design through to implementation. II. Scope These standards apply to all persons involved in the acquisition, development and maintenance of...
Purpose Nested Knowledge has a responsibility to educate our personnel on security practices and to comply with federal regulations related to security training and controls. This policy describes our plan to educate users on security practices. Scope: This policy affects all employees, contractors, and consultants of Nested Knowledge. Security Awareness Training Policy Upon hiring, Nested...
