Data-Loss Prevention (DLP)

The security of your data is of utmost importance to us. We have a comprehensive set of organisational and technical controls to make sure your data is stored and handled securely according to industry best practices.


Organisational controls

  • Polonious is ISO 27001 and ISO 9001 certified and has established a mature IMS (Information Management System), which includes policies and procedures on who can access client data, how client data may be accessed, and the acceptable use and handling of sensitive client data.
  • Polonious IMS systems managers run regular IMS awareness training and internal audits to make sure employees follow those procedures and policies.
  • All Polonious staff are vetted (including police checks) as part of the onboarding process.
  • Access to servers / services containing client data is restricted to a minimal number of staff (usually only 3 Polonious technical staff to reduce exposure but allow for 100% support coverage in case of sickness and vacation).

Technical controls

  • All client data is classified and tagged using AWS Resource Tags
  • All client data is encrypted in transit and at rest using best-practice encryption methods and standards. This includes encryption of EC2/EBS (application server / disk), RDS (database), and S3 (uploaded documents)
  • Encryption keys are securely managed via AWS KMS
  • Every Knox-grade Polonious client environment is hosted in its own VPC on AWS with strict security groups configured
  • Access to a Knox-grade Polonious client environment is secured via a dedicated VPN
  • Access to the AWS console is restricted via security groups and managed through IAM. MFA login is required to gain access to the AWS console
  • All AWS console actions are logged in CloudTrail / CloudWatch and forwarded to an external SIEM provider for analysis and automated alerting
  • All actions at the operating-system level are captured via a SIEM agent and forwarded to an external SIEM provider for analysis and automated alerting
  • SIEM alerts are sent to multiple Polonious staff, including the ISO system manager, who is not involved in the technical support processes
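The technical controls above are the kind of thing a customer or auditor will want evidence for, not just a statement. The following is an added example (not Polonious code) of an offline check over an inventory of resources: it verifies that storage is encrypted with keys under KMS, that the required classification tags are present, that every console user has an MFA device, and that a multi-region CloudTrail trail is logging. The inventory is constructed sample data shaped like the corresponding boto3 responses (an assumption); the tag keys `DataClassification` and `Client` are likewise assumed, since the page does not name its tagging scheme.

```python
"""Offline audit of the controls listed above: resource tagging, encryption
at rest under KMS, MFA on console users and CloudTrail logging.

Added example, not Polonious code. INVENTORY is constructed sample data
shaped like the relevant boto3 responses (an assumption); in a real account
it would be filled from ec2.describe_volumes, rds.describe_db_instances,
s3.get_bucket_encryption / get_bucket_tagging, iam.list_mfa_devices and
cloudtrail.describe_trails / get_trail_status.
"""
from __future__ import annotations

# Tag keys the classification scheme is assumed to require (not from the page).
REQUIRED_TAGS = frozenset({"DataClassification", "Client"})

KMS_KEY_PLACEHOLDER = "arn:aws:kms:REGION:ACCOUNT_ID:key/KEY_ID_PLACEHOLDER"

# Constructed inventory: for each service, one compliant and one non-compliant resource.
INVENTORY = {
    "ebs_volumes": [
        {"VolumeId": "vol-0aaa", "Encrypted": True, "KmsKeyId": KMS_KEY_PLACEHOLDER,
         "Tags": [{"Key": "DataClassification", "Value": "Confidential"},
                  {"Key": "Client", "Value": "acme"}]},
        {"VolumeId": "vol-0bbb", "Encrypted": False,
         "Tags": [{"Key": "Client", "Value": "acme"}]},
    ],
    "rds_instances": [
        {"DBInstanceIdentifier": "acme-db", "StorageEncrypted": True,
         "KmsKeyId": KMS_KEY_PLACEHOLDER,
         "TagList": [{"Key": "DataClassification", "Value": "Confidential"},
                     {"Key": "Client", "Value": "acme"}]},
        {"DBInstanceIdentifier": "legacy-db", "StorageEncrypted": False, "TagList": []},
    ],
    "s3_buckets": [
        {"Name": "acme-uploads", "SSEAlgorithm": "aws:kms",
         "TagSet": [{"Key": "DataClassification", "Value": "Confidential"},
                    {"Key": "Client", "Value": "acme"}]},
        # SSE-S3 (AES256) does encrypt, but the key is not under KMS control.
        {"Name": "scratch", "SSEAlgorithm": "AES256", "TagSet": []},
    ],
    "iam_users": [
        {"UserName": "ops1", "HasConsolePassword": True, "MFADevices": 1},
        {"UserName": "ops2", "HasConsolePassword": True, "MFADevices": 0},
        {"UserName": "ci-bot", "HasConsolePassword": False, "MFADevices": 0},
    ],
    "cloudtrail": [{"Name": "org-trail", "IsMultiRegionTrail": True, "IsLogging": True}],
}

Finding = tuple[str, str]  # (resource id, control that failed)


def missing_tags(tags: list[dict] | None) -> list[str]:
    """Return the required tag keys absent from an AWS-style list of {Key, Value}."""
    present = {t["Key"] for t in tags or []}
    return sorted(REQUIRED_TAGS - present)


def check_ebs(volumes: list[dict]) -> list[Finding]:
    findings: list[Finding] = []
    for v in volumes:
        if not v.get("Encrypted"):
            findings.append((v["VolumeId"], "ebs-not-encrypted"))
        findings += [(v["VolumeId"], f"missing-tag:{k}") for k in missing_tags(v.get("Tags"))]
    return findings


def check_rds(instances: list[dict]) -> list[Finding]:
    findings: list[Finding] = []
    for db in instances:
        ident = db["DBInstanceIdentifier"]
        if not db.get("StorageEncrypted"):
            findings.append((ident, "rds-not-encrypted"))
        findings += [(ident, f"missing-tag:{k}") for k in missing_tags(db.get("TagList"))]
    return findings


def check_s3(buckets: list[dict]) -> list[Finding]:
    findings: list[Finding] = []
    for b in buckets:
        # Only SSE-KMS satisfies "keys managed via AWS KMS"; AES256 is SSE-S3.
        if b.get("SSEAlgorithm") != "aws:kms":
            findings.append((b["Name"], "s3-default-encryption-not-kms"))
        findings += [(b["Name"], f"missing-tag:{k}") for k in missing_tags(b.get("TagSet"))]
    return findings


def check_iam_mfa(users: list[dict]) -> list[Finding]:
    # Only users who can log in to the console need MFA; API-only users are skipped.
    return [(u["UserName"], "console-user-without-mfa")
            for u in users if u.get("HasConsolePassword") and u.get("MFADevices", 0) == 0]


def check_cloudtrail(trails: list[dict]) -> list[Finding]:
    if any(t.get("IsLogging") and t.get("IsMultiRegionTrail") for t in trails):
        return []
    return [("account", "no-multi-region-trail-logging")]


def run_checks(inventory: dict) -> list[Finding]:
    return (check_ebs(inventory["ebs_volumes"]) + check_rds(inventory["rds_instances"])
            + check_s3(inventory["s3_buckets"]) + check_iam_mfa(inventory["iam_users"])
            + check_cloudtrail(inventory["cloudtrail"]))


if __name__ == "__main__":
    for resource, control in run_checks(INVENTORY):
        print(f"{resource}: {control}")
```

Each finding names the resource and the control it fails, so the output can be fed to the same SIEM the page describes and alerted on like any other event; run against the constructed inventory it reports the unencrypted volume and database, the bucket using SSE-S3 instead of KMS, the missing tags on each, and the console user without an MFA device.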