Organizational security

CONTROL

STATUS

Asset disposal procedures utilized

The company has electronic media containing confidential information purged or destroyed in accordance with best practices, and certificates of destruction are issued for each device destroyed.

✅

Anti-malware technology utilized

The company deploys anti-malware technology to environments commonly susceptible to malicious attacks and configures this to be updated routinely, logged, and installed on all relevant systems.

✅

Code of Conduct acknowledged by employees and enforced

The company requires employees to acknowledge a code of conduct at the time of hire. Employees who violate the code of conduct are subject to disciplinary actions in accordance with a disciplinary policy.

✅

Password policy enforced

The company requires passwords for in-scope system components to be configured according to the company's policy.

✅

MDM system utilized

The company has a mobile device management (MDM) system in place to centrally manage mobile devices supporting the service.

✅