Organizational Security Policy

Policy is the First Step in Implementing Cybersecurity

Identification and Authentication

POL.IA.L1-3.5.1

The CPE/SPE identify system users, processes acting on behalf of users, and devices.

POL.IA.L1-3.5.2

The CLIENT shall authenticate (or verify) the identities of users before providing access to CUI.

Planet Security Inc. shall authenticate any process, or device, as a prerequisite to allowing access to CUI.

POL.IA.L2-3.5.3

The CPE/SPE shall utilize MFA for all access, at all times.

POL.IA.L2-3.5.4

The CPE/SPE shall utilize replay-resistant authentication mechanisms for network access to all accounts, at all times.

POL.IA.L2-3.5.5

The CPE/SPE shall never allow the reuse of identifiers (Usernames).

POL.IA.L2-3.5.6

CLIENT shall notify Planet Security, Inc. of anyone who will be out of the office for more than 3 consecutive days via Signal Messenger at least 3 days prior to their absence. Planet Security, Inc. shall disable the account in the CPE/SPE during this time. The account shall be re-enabled upon their return and at the request of the CLIENT.

CLIENT will ensure that all CLIENT organizational personnel are made aware of the respective absence in advance, and will ensure that CLIENT personnel are updated upon the return of the subject.

POL.IA.L2-3.5.7

The CPE/SPE shall enforce a minimum password length of 8 characters and shall require that passwords consist of at least three of the following four complexity classes:

  • Upper Case

  • Lower Case

  • Special Character

  • Numerical Value

POL.IA.L2-3.5.8

The CPE/SPE shall prohibit password reuse for twelve (12) generations.

Passwords used for CPE/SPE shall not be used with any other system (Zoom, Microsoft 365, Facebook, LinkedIn, etc.).

POL.IA.L2-3.5.9

Planet Security shall mandate a temporary password, with an immediate change to a permanent password that is consistent with password policy, when administratively resetting an existing user password or when a new user account is created. MFA shall also be mandatory before the authorized account is given access to CUI.

POL.IA.L2-3.5.10

The CPE/SPE shall store and transmit only cryptographically protected passwords.

POL.IA.L2-3.5.11

The CPE/SPE shall obscure feedback of authentication information. CLIENT users shall never use the "Eyeball Feature" when it is made available.



For questions regarding this Information Security Policy, please reach out to your Planet Security, Inc. Support Engineers using Signal.