Organizational Security Policy

Policy is the First Step in Implementing Cybersecurity

Systems and Information Integrity

POL.SI.L1-3.14.1

CPE/SPE security flaws shall be identified, reported, and corrected in a timely manner. Timely is defined in policy element POL.RM.L2-3.11.1

POL.SI.L1-3.14.2

The CPE/SPE environment shall provide protection from malicious code at designated locations within the CPE/SPE environment.

POL.SI.L1-3.14.4

The CPE/SPE shall automatically update malicious code protection mechanisms when new releases are available.

POL.SI.L1-3.14.5

The CPE/SPE shall perform daily scans of all components of the CPE/SPE environment and real-time scans of files from external sources as files are downloaded, opened, or executed.

POL.SI.L2-3.14.3

Planet Security, Inc. shall monitor system security alerts and advisories and utilize the SIEM tool for real-time alerts so that remediation can be accomplished in a timely manner.

POL.SI.L2-3.14.6

The CPE/SPE envonrment shall utilize firewall based intrusion detection systems (IDS) monitor including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks.

POL.SI.L2-3.14.7

The CPE/SPE environment shall utilize firewall based (IDS) to identify unauthorized use of organizational network based systems. Planet Security, Inc. shall utilze the SIEM to detect unauthorized attempts or usage of Network Operating Systems (RBAC centric)

For questions regarding this Information Security Policy, please reach out to your Planet Security, Inc. Support Engineers using Signal.