Versions Compared

Version Old Version 22 New Version Current
Changes made by

Ankur Gupta

Ankur Gupta

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Users are responsible for carefully tracking any confidential information stored on personal devices (including backup/offline storage). Periodically during and after each project, confidential information stored on personal devices should be reviewed. Any longer needed should be deleted (after being archived to an Axelerant service, if needed). Users should ensure files are actually deleted (and not stored in a recycle/trash area), ideally runningĀ a secure delete on the files, which is available out of the box on OS X and GNU/Linux-based systems.

There are also several security concerns with non-confidential information. Even though we don't need to protect it from view, any copies in active use must be protected from unauthorized changes.

Our information technology systems, service, and network infrastructure must be used in ways that maintain:

  • Security from unauthorized access and use

  • Data integrity

  • Compliance with the law

  • Compliance with our hosting provider(s) acceptable use policies

Axelerant IT services provide several general user accounts. This includes:

...

  • Passwords to personal system accounts must never be given to anyone, including IT team personnel and management; IT staff will never ask for your password. Please use 1password password manager when sharing confidential information among the team.

  • Passwords should not be "written down" in a non-encrypted file (if you feel you have to start writing down some "low-value" passwords to maintain a large number of different ones, which is a reasonable tradeoff, use an encrypted file protected with a strong passphrase, or only write down password hints rather than the actual passwords); or use a password manager.

  • Passwords must never be transmitted or stored in a clear text (i.e., readable) format.

  • Passwords can be stored and transmitted by the computer when encrypted with GnuPG public-key encryption; IT services can support getting this set up if needed.

    • The unencrypted clear text contents of a GnuPG encrypted file/message should only ever be viewed then discarded but not saved in decrypted form.

...