This Security and Access Policy provides a company with a single reference for governance pertaining to matters of security for personnel, facilities, assets, information and business operations.
According to this policy, access to data and information systems is granted to users based on their job function and business requirements. The new access is approved by authorized personnel. A periodic review of system access is performed to verify that users have appropriate access. A company-managed firewall protects all external internet protocol (IP) connections to the company’s network, and all vulnerability and network attacks are scanned by a real-time intrusion detection system.