Security Appendix: Difference between revisions

(3 intermediate revisions by the same user not shown)

Line 1:

== Commitments of confidentiality of the collaborators==

Employees are expected to sign the confidentiality statement signed at the very beginning of their journey

Employees are expected to sign [https://drive.google.com/open?id=1FUAPlI3_lUwEYginzC4PHE3MHxSkNp2b the confidentiality statement] signed at the very beginning of their journey

== Protection measures for applications and servers==

Applications: Access control policy & Policy for IT Asset Management

Applications: [https://drive.google.com/open?id=11RM-CoDgTPcn6zxtaAF_H-suDVQK9O6U6veJh7WY1es Access control policy] & [https://docs.google.com/document/d/1cwWh_IaEFti76v-2xsBy06D6BOn8WerWlATAntsB6YI/edit?usp=sharing Policy for IT Asset Management]

Server & network services:

Users Guidelines (Policy) to access Officience network services: Network access guideline

Users Guidelines (Policy) to access Officience network services: [https://docs.google.com/document/d/175tliaOsuAS12FoF5KNiaE3AtyaWA-FlHkqmD5gPGqo/edit?usp=sharing Network access guideline]

Security controls implemented to protect servers & network services: [https://docs.google.com/document/d/1xYpCvPqfxwQmB0Q0K78_uPR0LPmlpuTQUJr4IBsaHUA/edit?usp=sharing Network access control - implementation]

~~Security controls implemented to protect~~ servers & network ~~services~~: ~~Network access control~~ - ~~implementation~~

Vulnerabilities scanning & management for the information infrastructure( servers, desktops, network devices, web applications,..): [https://docs.google.com/document/d/1yio-NRfwghpzMWiGM2MCCRsdgzrD07PHXeTsb54nwWU/edit?usp=sharing Vulnerability Management Policy]

~~Vulnerabilities scanning &~~ management ~~for the information infrastructure( servers, desktops, network devices, web applications,~~..~~): Vulnerability Management~~ Policy

Security incidents management: [https://docs.google.com/document/d/1ZK7HPrdD8QCrNcroAkvNOzwtz4YNgVpMPtJEv5anhyU/edit# Security Incident Response Policy]

~~Security incidents management~~: Security ~~Incident Response Policy~~

== Employee access control measures to the information system (authentication using identifiers, strong passwords)==

[https://docs.google.com/presentation/d/1tLhfFzQ3F5JRhsA5mton-Pb_dR75tIQTxtCv9t2SgLM/edit Security Training Awareness]

[https://drive.google.com/open?id=11RM-CoDgTPcn6zxtaAF_H-suDVQK9O6U6veJh7WY1es Access control policy]

=~~= Employee access control measures to the information system (authentication using identifiers, strong passwords)==~~

[https://docs.google.com/document/d/1ipbV1zPnUtkQxCJl4bjtQLeFvnwPAvoTPuKrj5Arzts/edit?usp=sharing Remote access policy]

~~Security Training Awareness~~

~~Access control policy~~

Remote access policy

~~password policy~~

[https://docs.google.com/document/d/1rXlOsyFSbtK4IVAQWdpBwRTw-FtWtpbdg2RcW55ouvA/edit?usp=sharing Password policy]

== Traceability of connections and actions==

@@ Line 1: / Line 1: @@
 == Commitments of confidentiality of the collaborators==
-Employees are expected to sign the confidentiality statement signed at the very beginning of their journey
+Employees are expected to sign [https://drive.google.com/open?id=1FUAPlI3_lUwEYginzC4PHE3MHxSkNp2b the confidentiality statement] signed at the very beginning of their journey
 == Protection measures for applications and servers==
-Applications: Access control policy & Policy for IT Asset Management
+Applications: [https://drive.google.com/open?id=11RM-CoDgTPcn6zxtaAF_H-suDVQK9O6U6veJh7WY1es Access control policy] & [https://docs.google.com/document/d/1cwWh_IaEFti76v-2xsBy06D6BOn8WerWlATAntsB6YI/edit?usp=sharing Policy for IT Asset Management]
 Server & network services:
-Users Guidelines (Policy) to access Officience network services: Network access guideline
+Users Guidelines (Policy) to access Officience network services: [https://docs.google.com/document/d/175tliaOsuAS12FoF5KNiaE3AtyaWA-FlHkqmD5gPGqo/edit?usp=sharing Network access guideline]
+Security controls implemented to protect servers & network services: [https://docs.google.com/document/d/1xYpCvPqfxwQmB0Q0K78_uPR0LPmlpuTQUJr4IBsaHUA/edit?usp=sharing Network access control - implementation]
-Security controls implemented to protect servers & network services: Network access control - implementation
+Vulnerabilities scanning & management for the information infrastructure( servers, desktops, network devices, web applications,..):  [https://docs.google.com/document/d/1yio-NRfwghpzMWiGM2MCCRsdgzrD07PHXeTsb54nwWU/edit?usp=sharing Vulnerability Management Policy]
-Vulnerabilities scanning & management for the information infrastructure( servers, desktops, network devices, web applications,..):  Vulnerability Management Policy
+Security incidents management: [https://docs.google.com/document/d/1ZK7HPrdD8QCrNcroAkvNOzwtz4YNgVpMPtJEv5anhyU/edit# Security Incident Response Policy]
-Security incidents management: Security Incident Response Policy
+== Employee access control measures to the information system (authentication using identifiers, strong passwords)==
+[https://docs.google.com/presentation/d/1tLhfFzQ3F5JRhsA5mton-Pb_dR75tIQTxtCv9t2SgLM/edit Security Training Awareness]
+[https://drive.google.com/open?id=11RM-CoDgTPcn6zxtaAF_H-suDVQK9O6U6veJh7WY1es Access control policy]
-== Employee access control measures to the information system (authentication using identifiers, strong passwords)==
+[https://docs.google.com/document/d/1ipbV1zPnUtkQxCJl4bjtQLeFvnwPAvoTPuKrj5Arzts/edit?usp=sharing Remote access policy]
-Security Training Awareness
-Access control policy
-Remote access policy
-password policy
+[https://docs.google.com/document/d/1rXlOsyFSbtK4IVAQWdpBwRTw-FtWtpbdg2RcW55ouvA/edit?usp=sharing Password policy]
 == Traceability of connections and actions==

Security Appendix: Difference between revisions

Navigation menu

Search