-
Notifications
You must be signed in to change notification settings - Fork 26
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
GITBOOK-870: Security policy update / added new policies and directed…
… them to Internal Handbook
- Loading branch information
1 parent
bc50b23
commit 4ea81ab
Showing
18 changed files
with
267 additions
and
154 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
15 changes: 15 additions & 0 deletions
15
...curity-policy/data-classification-and-management/data-retention-and-disposal.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
--- | ||
description: This policy applies to all employees and contractors. | ||
--- | ||
|
||
# Data Retention and Disposal | ||
|
||
## Purpose | ||
|
||
The purpose of this Data Retention Policy is to establish guidelines for the appropriate management of data throughout its lifecycle. This policy aims to ensure compliance with relevant regulations and protect the privacy and security of data. | ||
|
||
## Policy | ||
|
||
[Data retention and disposal policy](https://app.gitbook.com/o/-M41dOPtnjO7qK6KCyrt/s/-M7iRWz196Rdn-5pW5QY/\~/changes/1876/security/security-policies/security-policy/data-classification-and-management/data-retention-and-disposal) is available to all employees and contractors within our internal handbook[.](https://app.gitbook.com/o/-M41dOPtnjO7qK6KCyrt/s/-M7iRWz196Rdn-5pW5QY/\~/changes/1876/security/security-policies/security-policy/data-classification-and-management/data-retention-and-disposal)  | ||
|
||
## |
13 changes: 13 additions & 0 deletions
13
departments-and-operations/security/security-policy/internal-controls-policy.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
--- | ||
description: This policy applies to all employees and contractors. | ||
--- | ||
|
||
# Internal Controls Policy | ||
|
||
## Purpose | ||
|
||
The objective of our internal control policy is to establish and maintain effective information security controls that safeguard the confidentiality, integrity, and availability of Rocket.Chat’s assets and operations. | ||
|
||
## Policy | ||
|
||
[Internal Controls policy](https://app.gitbook.com/o/-M41dOPtnjO7qK6KCyrt/s/-M7iRWz196Rdn-5pW5QY/\~/changes/1876/security/security-policies/security-policy/internal-controls-policy) is available to all employees and contractors within our internal handbook. |
16 changes: 16 additions & 0 deletions
16
departments-and-operations/security/security-policy/network-security.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
--- | ||
description: Applicable to all employees and contractors. | ||
--- | ||
|
||
# Network Security | ||
|
||
## Purpose | ||
|
||
The purpose of the network security policy is to establish guidelines and responsibilities to ensure the security and integrity of the organization's network infrastructure and data. It aims to protect sensitive information, prevent unauthorized access, mitigate security risks, and maintain compliance with relevant regulations. | ||
|
||
## Policy | ||
|
||
[Network security policy](https://app.gitbook.com/o/-M41dOPtnjO7qK6KCyrt/s/-M7iRWz196Rdn-5pW5QY/\~/changes/1876/security/security-policies/security-policy/network-security) is available to all employees and contractors within our internal handbook. | ||
|
||
|
||
|
13 changes: 13 additions & 0 deletions
13
departments-and-operations/security/security-policy/secure-data-transfer.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
--- | ||
description: This policy applies to all employees and contractors. | ||
--- | ||
|
||
# Secure Data Transfer | ||
|
||
## Purpose  | ||
|
||
The purpose of Secure Data transfer policy is to establish guidelines and procedures for the secure transfer of sensitive data, both externally and internationally. It aims to protect the confidentiality, integrity, and availability of the organization's information assets during data transfers, while ensuring compliance with applicable laws, regulations, and contractual obligations. | ||
|
||
## Policy | ||
|
||
[Secure Data Transfer policy](https://app.gitbook.com/o/-M41dOPtnjO7qK6KCyrt/s/-M7iRWz196Rdn-5pW5QY/\~/changes/1876/security/security-policies/security-policy/secure-data-transfer) |
19 changes: 19 additions & 0 deletions
19
departments-and-operations/security/security-policy/secure-development.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
--- | ||
description: >- | ||
This policy applies to employees, contractors, and third-party vendors engaged | ||
in software development activities within Rocket.Chat. | ||
--- | ||
|
||
# Secure Development | ||
|
||
## Purpose | ||
|
||
The purpose of the secure development policy is to ensure that our software development processes prioritize security and incorporate robust security measures at every stage. This policy aims to protect our software applications, sensitive data, and customer information from unauthorized access, data breaches, and other security threats. By following this policy, we aim to deliver secure and reliable software solutions to our clients, comply with relevant regulations, and maintain the trust of our customers. | ||
|
||
## Policy | ||
|
||
[Secure Development Policy](https://app.gitbook.com/o/-M41dOPtnjO7qK6KCyrt/s/-M7iRWz196Rdn-5pW5QY/\~/changes/1876/security/security-policies/security-policy/secure-development) | ||
|
||
\ | ||
|
||
|
9 changes: 9 additions & 0 deletions
9
...s-and-operations/security/security-policy/vulnerability-and-patch-management.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
# Vulnerability and Patch Management | ||
|
||
## Purpose | ||
|
||
The policy outlines the procedures for detecting, assessing vulnerabilities, and applying patches in software applications and infrastructure components used by our company. The primary objective is to enhance security by proactively identifying vulnerabilities and addressing them in a timely manner. | ||
|
||
## Policy | ||
|
||
Available at this [link](https://app.gitbook.com/o/-M41dOPtnjO7qK6KCyrt/s/-M7iRWz196Rdn-5pW5QY/\~/changes/1876/security/security-policies/security-policy/vulnerability-and-patch-management).   |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.