Security Policy

This cyber security policy is for our employees, vendors and partners to refer to when they need advice and guidelines related to cyber law and cyber crime. Having this policy we are trying to protect TestDome's data and technology infrastructure. This policy applies to all of TestDome's employees, contractors, volunteers, vendors and anyone else who may have any type of access to TestDome's systems, software and hardware.

Examples of Confidential Data

Some of the common examples of confidential data include:

  • Classified financial information
  • Customer data
  • Data about partners
  • Data about vendors
  • Patents, formulas or new technologies

Device Security

Employees are obligated to keep their devices in a safe place, not exposed unprotected to anyone else.

We recommend employees to follow these best practices:

  • Keep all electronic devices' password secured with a strong password and protected
  • Logging into company's accounts should be done only through safe networks
  • Install security updates on a regular basis
  • Upgrade antivirus software on a regular basis
  • Don't ever leave your devices unprotected and exposed
  • Lock your computer when leaving the desk

Email Security

Emails can carry scams or malevolent software (for example worms, bugs etc.). In order to avoid virus infection or data theft, our policy is always to inform employees to:

  • Abstain from opening attachments or clicking any links in the situations when its content is not well explained
  • Make sure to always check email addresses and names of senders.
  • Search for inconsistencies
  • Be careful with clickbait titles (for example offering prizes, advice, etc.)
In case that an employee is not sure if the email received, or any type of data is safe, they can always contact our IT specialist.

Managing Passwords

To ensure avoiding that your company account password gets hacked, use these best practices for setting up passwords:

  • At least 8 characters with min 2 letters and 2 numbers
  • Substrings of the password should not be words (like "fast007car")
  • Do not write down password and leave it unprotected
  • Do not exchange credentials when not requested or approved by supervisor
  • Change passwords every 12 months

Transferring Data

Data transfer is one of the most common ways cyber-crimes happen. Follow these best practices when transferring data:

  • Avoid transferring personal data such as customer and employee confidential data
  • Use TLS encryption when transferring data

Disciplinary Action

When best practices and company's policy are not followed, disciplinary actions take place.

Some of the examples of disciplinary actions include:

  • In case of breaches that are intentional or repeated, and are harmful to our company, TestDome will take serious actions including termination
  • Depending on how serious the breach is, there will be up to two warnings
  • Each incident will be evaluated
  • Each case and incidence will be assessed on a case-by-case basis
  • Everyone who disregards company's policies will face progressive discipline