The purpose of this Data Security Policy (“Policy”) is to describe LinsyxTech security policy regarding customer information, including without limitation personal information collected and processed by LinsyxTech online services.
Specifically, this Policy is intended to identify LinsyxTech policies, procedures, and auditing and training practices utilized for data security, and our resulting responsibilities to protect personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction.
LinsyxTech provides its customers with online data processing services. In this capacity, we do not own or control any of the information we process on behalf of our customers; all such information is owned and controlled by our customers. This customer information is stored in a secure facility of a third-party independent data processor service provider on hardened systems using industry standard data security methods. Access to this information is restricted to authorized personnel only as dictated by operational policies.
LinsyxTech also collects personal information from identifiable persons for purposes of product registration and support, and to complete transactions. This information may be stored on LinsyxTech internal computer network or in offline filing systems. Access to this information is restricted to authorized personnel only as dictated by operational policies.
Approach to Security
The following sections describe LinsyxTech comprehensive approach to ensuring enterprise-wide compliance with its Policy. This consists of four (4) major areas: Security, Personnel Education, Audits and Contracts.
Security of data is the cornerstone of verifying privacy of data. LinsyxTech maintains a rigorous security posture through focused methodology. It is founded on the implementation of best practices and security policies in five (5) major areas providing enterprise wide coverage including:
- Regulatory Controls
- Organizational Controls
- Service Provider Controls
- Standardized Process and Practices
- Business Partner Controls
Key policies in place that contribute to the verification and compliance with the Policy are:
- Awareness and Training
- Personnel Practices
- Administrative Roles and Responsibilities
- Computer, Email and Internet Use Policies
- Network and Telecommunications Security
- Incident Detection and Reporting
- Malicious Code Control (Antivirus)
- Portable Computers
- Logical and System Access
- Physical Access
- Remote Access
- Firewall Management
- Third Party Services
- Software Licensing and Appropriate usage
- Auditing and Monitoring
- Data Classification, Confidentiality, Integrity and Availability
- Policy Compliance
Operational procedures demonstrating compliance with the Policy are:
- Change Control
- Event monitoring
- Data backup
- System hardening
The above referenced policies and procedures are documented and available for review.
Our personnel consist of employees and contractors.
- At least once per year, the this Security Policy is presented and discussed at a company- wide meeting.
- This Security Policy is prominently displayed in an a common area of the office.