Davina Solutions

Introduction:

Davina Solutions Pvt. Ltd. (referred to as "the Company," "we," "us," or "our") is committed to maintaining the security, confidentiality, and integrity of the information entrusted to us by our clients and users. This Security Policy outlines the measures and practices we follow to ensure the security of information and systems.

Information Security Responsibilities:

Management Commitment:	Company management is committed to providing the necessary resources and support to maintain an effective information security program.
Employee Responsibilities:	All employees are responsible for understanding and adhering to the security policies and procedures defined by the Company. Training on security best practices will be provided regularly.

Information Classification and Handling:

Data Classification:	Information will be classified based on its sensitivity and importance. Access controls and protection measures will be implemented accordingly.
Data Handling:	Procedures for the proper handling, storage, and disposal of sensitive information will be established and communicated to all employees.

Access Control:

User Access:	Access to information systems will be granted based on the principle of least privilege. Employees will only have access to the information and systems necessary for their roles.
User Authentication:	Strong authentication mechanisms will be implemented to ensure that only authorized individuals can access sensitive systems and data.

Physical Security:

Facilities Access:	Physical access to company facilities will be restricted to authorized personnel. Security measures, such as keycard access and surveillance cameras, will be implemented.
Equipment Security:	Company equipment, including computers and servers, will be physically secured to prevent unauthorized access.

Network Security:

Firewalls and Intrusion Detection:	Firewalls and intrusion detection systems will be implemented to protect the company's network from unauthorized access and cyber threats.
Encryption:	Sensitive data transmitted over networks will be encrypted to protect it from interception.

Incident Response and Reporting:

Incident Response Plan:	An incident response plan will be established to effectively respond to and mitigate security incidents.
Reporting Security Incidents:	Employees are required to promptly report any suspected security incidents to the designated security contact.

Security Awareness Training:

Employee Training:	Regular security awareness training will be provided to employees to keep them informed about security best practices and emerging threats.
Phishing Awareness:	Employees will be trained to recognize and report phishing attempts.

Review and Audit:

Security Audits:	Regular security audits and assessments will be conducted to ensure the effectiveness of security controls.
Policy Review:	This Security Policy will be reviewed periodically and updated as necessary to address changes in the business environment or security landscape.

Compliance:

The Company is committed to complying with all relevant laws, regulations, and industry standards related to information security.

Contact Information:

If you have any questions or concerns about this Disclaimer Policy, please contact us at rahul@davinasolutions.com

Last updated: 15/10/2023

Davina Solutions Pvt. Ltd.