cosmic view during night time

Organizational Security Policy

Policy is the First Step in Implementing Cybersecurity

Maintenance

POL.MA.L2-3.7.1

Planet Security, Inc. shall exclusively perform maintenance on the CPE/SPE environment.

POL.MA.L2-3.7.2

Planet Security, Inc. shall exclusively control the tools, techniques, mechanisms, and personnel used to conduct system maintenance.

POL.MA.L2-3.7.3

CLIENT executive management shall ensure that equipment that stores, processes, or transmits CUI to be removed for off-site maintenance is sanitized of any CUI prior to its removal from the physical premises. For instance: Prior to a printer being taken off-site for maintenance CLIENT will remove the hard drive. If the printer cannot be repaired, then the hard drive shall be destroyed. Methods of destruction/sanitization shall be consistent with NIST SP800-88.

Planet Security, Inc. will sanitize/destroy the drive at no additional cost to CLIENT if prepaid, mailed/shipped to:

Planet Security Inc.

5325 S Fort Apache Rd. Suite D2

Las Vegas, NV 89148

Please include a note describing the request with an authorized signature. We will contact CLIENT management via Signal Messenger to verify the request.

The drive will not be returned to CLIENT.

POL.MA.L2-3.7.4

The CPE/SPE environment does not allow for CLIENT installation of software.

Operational Technology shall not use physical media for installation of software unless errors, etc. prevent its viable installation. If physical media is used, it shall be scanned for malware before the physical media device is inserted into any device that stores, processes, or transmits CUI.

POL.MA.L2-3.7.5

The CPE/SPE shall use MFA at all times, for all users. Non-local maintenance sessions shall be terminated when maintenance is complete. Maintenance is exclusively performed by Planet Security, Inc.

POL.MA.L2-3.7.6

The CLIENT security team (Often the CCB members as they're already involved with CLIENT security) shall supervise the maintenance activities of maintenance personnel without required access authorization. If the CLIENT team member assigned is not familiar with what the technician is doing, they shall notify the security team lead so that a contextually adept replacement can/will be assigned.


For questions regarding this Information Security Policy, please reach out to your Planet Security, Inc. Support Engineers using Signal.

Download Your Policy
Planet Security, Inc.

5325 S Fort Apache Rd.Suite D2 Las Vegas , NV 89148

Signal Messenger: helpdesk.100

© 1993-2025. Planet Security Inc. All rights reserved.

Phone: 725.246.0191

helpme@planetsecurity.net

★★★★★

protecting cui protects the american warfighter

CUI Protected enclave | Small Protected Enclave