Data Protection
We implement industry-standard security measures to protect personal and sensitive data, including:
- Encryption for data at rest and in transit.
- Strict access controls based on the principle of least privilege.
- Regular audits and compliance checks to meet GDPR, HIPAA, or other applicable standards.
Access Management
We ensure secure access to systems and data by:
- Enforcing multi-factor authentication (MFA).
- Regularly reviewing and updating access permissions.
- Monitoring and logging access to sensitive systems.
Incident Response
Our incident response plan includes:
- Immediate identification and containment of threats.
- Communication protocols to notify affected parties promptly.
- Continuous improvement based on incident post-mortem analysis.
Network and Infrastructure Security
To protect our systems, we deploy:
- Firewalls, intrusion detection systems, and intrusion prevention systems.
- Regular vulnerability assessments and penetration testing.
- Secure development practices, including code reviews and testing.
Employee Training
We educate our staff on security best practices through:
- Regular training sessions on recognizing phishing and social engineering attacks.
- Mandatory security awareness programs.
- Clear policies regarding acceptable use of company systems.
Compliance and Governance
We adhere to relevant regulatory and industry standards, ensuring compliance through:
- Regular third-party audits.
- Certification under frameworks like ISO 27001 or SOC 2.
- Transparent reporting and accountability mechanisms.
Third-Party Security
We assess and monitor our vendors’ security practices by:
- Conducting regular due diligence and risk assessments.
- Requiring compliance with our security standards through agreements.
- Auditing third-party access to our systems and data.
Updates and Maintenance
We ensure continuous security improvement by:
- Deploying timely updates and patches to systems and applications.
- Reviewing and enhancing policies in response to evolving threats.
- Engaging in proactive research to anticipate emerging risks.
Unsubscribe information
To stop receiving communications from Nemko Digital, click the unsubscribe link included in our emails or contact us directly at digital@nemko.com
This policy is effective as of January 15th 2025. Updates will be posted in this page and communicated to users as needed.
