A-WARE of Your Needs, LLC Security Policy

Effective November 1, 2021

1.0    Purpose

A-WARE of Your Needs, LLC is obligated to protect confidential, restricted, and/or sensitive data from any data loss to avoid status damage along with harmfully jeopardizing or impacting our clients. Data protection and prevention loss within this scope is a striking requirement within A-WARE of Your Needs, LLC. While at the same time, the flexibility towards accessing this data along with the work efficiency is also a serious matter taken into high regard. It is our primary objective to have our users aware of particular matters and to prevent any accidental loss. In regards to this, it is not always expected that our technological control can effectively deal with malicious situations such a theft. Our primary focus upon this policy is to outline the requirements for data leak prevention.

2.0    Scope

1. All devices used within A-WARE of Your Needs, LLC will handle any sensitive data, client data, company data, and personal identification information. Each device utilized will regulate the use of internet, E-Mail, or any other work related objectives or tasks and is not subject of exception towards technology reasons or legitimate business matters.

2. The Privacy Notice Practice (PNP) will describe the requirements towards the handling of information and the behavioral user requirements. This notice is to expand on the Privacy Notice Practice with the technological controls.

3. The Exemptions: In the case where there is business needed to be exempt from this policy (harmfully impacting other business requirements, situations that are too complex, or even matters that will result to being too costly) a risk assessment will be needed to be conducted towards the authorization of security management.

3.0    Policy

1. A-WARE of Your Needs, LLC data leak prevention technology will monitor and scan for data in proposition.

2. The data leak prevention technology will detect and identify both small and large volumes of sensitive data that could be the subject of high risk or significant impact of being handled improperly.

a. Names, Emails, Addresses or other categories involving identifiable personal information.

b. Documents that have been sternly marked as ‘Confidential’ series.

c. Bank Accounts, Credit Cards, and any other financial subject matters.

3. PNP will contain a log of incidents subject for review. Our IT team will implement the first level of technical procedure towards identifying data that may be subject to sensitive and of situations of concern detected of inappropriate use. In these events, the matter will then be transferred and handled by HR whom will perform the tasks required to secure and protect the individual data of concern.

4. Any access to PNP events will be restricted to a certain group of individuals towards protecting the privacy of all employees and clients.

5. Where there will be any active concern or worry of data breach, the IT management of incidents will process the claims specific to the matter and provide immediate notification to Legal, Security Management and HR representatives.

4.0    Technical Guidelines And Procedures

Technical Guidelines and Procedures are implemented to identify the requirements towards technical realizations that are usually technology specific.

 

1.  A-WARE of Your Needs, LLC chooses to use efficient and reliable technology that will obtain stability and overall high performance upon executing the best services our organization can provide.

2. Our products are configured to identify and detect the data subject at hand through the uses of mass storage devices, E-Mail Clients, IM Clients, Browsers, and any digital data.

3. Daily and Weekly Backups of all data obtained within our organization is implemented to assure and secure the prevention of any data loss.

4. Any former client no longer being monitored or utilizing our services after 30 days will be subjected to removal by completely wiping out all information from our archives. 

5.0    Reporting Requirements

1. Weekly incident reports will be handled by the claims team.

2. Any high priority incidents revealed or discovered by our IT department will immediately be flagged and reported to the proper officials.

3. Monthly reports indicating the percentage of devices encountering any issues within the PNP policy will be notated and documented.

4. All reports are backed up and archived.