Security Policy for Manasi Collections

Introduction

Welcome to Manasi Collections! Our security policy outlines the rules and practices we follow to safeguard our assets, protect against threats, and ensure a culture of security excellence. By using our services, you agree to comply with the terms outlined below. If you have any questions, feel free to contact our security team.

Information Security

  1. Data Protection:
    • We handle customer data with utmost care.
    • Personal information is encrypted and stored securely.
  2. Access Control:
    • Access to sensitive systems and data is restricted based on roles and responsibilities.
    • Multi-factor authentication (MFA) is enforced for critical accounts.

Cybersecurity Practices

  1. Network Security:
    • Firewalls and intrusion detection/prevention systems protect our network.
    • Regular vulnerability assessments are conducted.
  2. Endpoint Security:
    • All devices (computers, mobiles) are protected with up-to-date antivirus software.
    • Regular patch management ensures security updates are applied.

Incident Response

  1. Reporting Incidents:
    • Employees are trained to report security incidents promptly.
    • Incident response procedures are followed in case of breaches.
  2. Containment and Recovery:
    • We isolate affected systems to prevent further damage.
    • Backups are regularly tested for data recovery.

Employee Training

  1. Security Awareness:
    • All employees receive security awareness training.
    • Phishing simulations help identify vulnerabilities.
  2. Clearance Levels:
    • Employees have access only to the data necessary for their roles.
    • Confidential information is shared on a need-to-know basis.

Physical Security

  1. Access Controls:
    • Restricted access to our premises.
    • Surveillance cameras monitor critical areas.
  2. Equipment Security:
    • Laptops and mobile devices are encrypted.
    • Lost or stolen devices are reported immediately.

Compliance

  1. Legal and Regulatory:
    • We comply with data protection laws (e.g., GDPR).
    • Regular audits ensure adherence to policies.
  2. Third Parties:
    • Vendors and partners are vetted for security practices.
    • Contracts include security clauses.

Reporting Security Concerns

If you identify any security vulnerabilities or have concerns, please report them to our security team at security@manasicollections.com.