Home
Cart
Custom content

This is custom content

Information Security

  1. Access Controls:

    • Access to sensitive information is restricted to authorized personnel only.
    • Multi-factor authentication is enforced for access to critical systems.

  2. Data Encryption:

    • All data transmissions, especially those involving payment information, are encrypted using industry-standard protocols.

  3. Regular Security Audits:

    • Routine security audits are conducted to identify and address potential vulnerabilities.
    • Audits cover both internal and external systems.

  4. Incident Response Plan:

    • A comprehensive incident response plan is in place to address and mitigate security incidents promptly.
    • Employees are trained to follow the established procedures in case of a security breach.

  5. Employee Training:

    • All employees undergo regular security awareness training to ensure understanding and adherence to security protocols.
    • Training includes best practices for handling sensitive information.

  6. Vendor Security Assessment:

    • Third-party vendors handling customer information undergo a thorough security assessment before engagement.
    • Vendors are required to adhere to our security standards.

  7. Data Backups:

    • Regular data backups are performed to prevent data loss in the event of hardware failures or other unforeseen incidents.
    • Backup integrity is regularly tested.

  8. Physical Security:

    • Physical access to servers and infrastructure is restricted to authorized personnel.
    • Security measures such as surveillance and access logs are in place.

  9. Patch Management:

    • Regular updates and patches are applied to systems and software to address known vulnerabilities.
    • Critical updates are prioritized for immediate implementation.

  10. Network Security:

    • Firewalls and intrusion detection/prevention systems are implemented to safeguard the network.
    • Network traffic is monitored for unusual activity.

  11. Data Classification:

    • Data is classified based on sensitivity, and appropriate security measures are applied accordingly.
    • Access to highly sensitive data is restricted to a need-to-know basis.

  12. Mobile Device Security:

    • Mobile devices used for work purposes are secured with passwords and encryption.
    • Remote wipe capabilities are enabled for lost or stolen devices.

  13. Incident Reporting Mechanism:

    • Employees are provided with a clear mechanism for reporting security incidents promptly.
    • Reports are thoroughly investigated and appropriate actions are taken.

These measures ensure the security and integrity of our systems and your data. For more detailed information on our Information Security practices, please contact our Data Protection Officer at inquiries@sheryshaw.com.

This website uses cookies to ensure you get the best experience on our website