Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

  1. Risk Assessemnt
    1. As per our assessment, since we are holding bare minimum details of users, the risk to user privacy is perceived to be low.
  2. The following security measures are considered adequate
    1. Controlled access to the database using passwords, strictly on a need to know basis.
    2. The passwords are encrypted.
    3. All data transfers between machines on the internet are encrypted.
  3. Recovery from a technical OR physical incident
    1. Backups are taken at regular intervals.
    2. In the worst case scenario of a server being unavailable, the systems should be operational within 24 hours of incident.
    3. Only N copies of historical backup’s will be maintained. So, when a user deletes his record, the record will be completely erased from our backups after N cycles.
  • No labels