Security Policy
This Security Policy outlines the measures and procedures implemented by Polar Bay AC, located in the Tampa Bay, Florida area, to safeguard its information assets, ensure the integrity and availability of data, and protect against unauthorized access, disclosure, alteration, or destruction.
1.Scope
This policy applies to all employees, contractors, vendors, and any other parties with access to Polar Bay AC’s information systems, networks, and facilities.
2.Information Security Responsibilities
- Management Responsibilities:
- Management is responsible for establishing, implementing, and enforcing this Security Policy.
- Management must allocate adequate resources for the implementation and maintenance of security controls.
- Management must ensure that employees receive appropriate security awareness training.
- Employee Responsibilities:
- All employees must comply with this Security Policy and associated security procedures.
- Employees must report any suspected security incidents or breaches to the designated security contact.
- Employees must safeguard their access credentials and not share them with unauthorized individuals.
3. Physical Security
- Access to Polar Bay AC’s facilities must be controlled through measures such as locks, access cards, and security personnel.
- Visitors must be escorted at all times while on Polar Bay AC’s premises.
- Equipment containing sensitive information must be physically secured when not in use.
4. Information Security
- All electronic devices must be protected by up-to-date antivirus software and firewalls.
- Access to Polar Bay AC’s information systems must be granted on a need-to-know basis.
- Data must be encrypted when transmitted over public networks or stored on portable devices.
- Regular backups of critical data must be performed and stored securely offsite.
5. Network Security
- Access to Polar Bay AC’s network must be authenticated using strong passwords or other multi-factor authentication methods.
- Wireless networks must be secured using encryption and access controls.
- Remote access to Polar Bay AC’s network must be encrypted and authorized by management.
6. Incident Response
- An incident response team must be designated and trained to handle security incidents.
- All security incidents must be promptly reported, investigated, and documented.
- Measures must be taken to mitigate the impact of security incidents and prevent their recurrence.
7. Compliance
- [Company Name] must comply with all applicable laws, regulations, and industry standards related to information security.
- Regular audits and assessments must be conducted to ensure compliance with this Security Policy.
8. Training and Awareness
- All employees must receive security awareness training upon hire and periodically thereafter.
- Training must cover topics such as password security, phishing awareness, and incident reporting.
9. Enforcement
- Violations of this Security Policy may result in disciplinary action, up to and including termination of employment or legal action.
- Any exceptions to this Security Policy must be approved by management in writing.
10. Review and Revision
- This Security Policy must be reviewed at least annually and updated as necessary to address emerging threats and changes in business operations.
For questions or concerns regarding our Security Policy, please contact us at (813) 310 5790.
Polar Bay AC Management