Security for Everyone

Security Policy

As a requirement for employment, every employee must review and acknowledge the https://axelerant.atlassian.net/wiki/spaces/OA/pages/173080658 that includes:

• Acceptable Use Policy

• Access Policy

• Password Policy

• Server & Site Security

Security Awareness

Every employee and contractor at Axelerant practices safe and secure computing in the course of their work. We enhance our https://axelerant.atlassian.net/wiki/spaces/OA/pages/160727117 by:

• Securing our Laptops

• Using Password Management Tools

• Using Multi-Factor Authentication

• Increasing our awareness of Phishing and Social Engineering

• Keeping our Personal Systems up-to-date

• Employing Disk Encryption and Secure Storage Management

When moving through these steps, please update your entries in the Security Checklist -- if you need help, reach out to the SRE Team by just asking in #internal-support tagging @sre-svcs-team

Security and Compliance

Engineers and Project Managers and anyone directly involved in client site operations and management must additionally understand and abide by Axelerant’s standard https://axelerant.atlassian.net/wiki/spaces/AH/pages/163742002 procedures.

Data Classification Standard

Refer to https://about.gitlab.com/handbook/engineering/security/data-classification-standard.html.

Incident Response

All employees and contractors have reviewed the https://axelerant.atlassian.net/wiki/spaces/DLS/pages/649887747 and understand what actions to take should they discover something that could be an incident. See https://axelerant.atlassian.net/wiki/spaces/AH/pages/2983624719/Security+Incidents#What-is-an-incident%3F for additional help. Reference.

The project-specific Incident Response Teams requiring additional training are not covered here.