Professional Documents
Culture Documents
Table of Content
1. Document Control.................................................................................2
1.1 Table of Abbreviation.............................................................................................................................2
1.2 Document Reference...............................................................................................................................2
1.3 Version History........................................................................................................................................2
1.4 Responsibilities within this document.................................................................................................2
1.5 Approval Authorization..........................................................................................................................2
2. Introduction............................................................................................3
2.1 Purpose.....................................................................................................................................................3
2.2 Scope......................................................................................................................................................... 3
2.3 Control of hardcopy versions.................................................................................................................3
2.4 Terms and Definitions............................................................................................................................3
2.5 Responsibilities.......................................................................................................................................4
4. Password Policy.....................................................................................6
4.1 Password Creation and Use:..............................................................................................................................6
4.2 Password Change:.............................................................................................................................................6
4.3 Password Protection:.........................................................................................................................................7
4.4 Multi-Factor Authentication:.............................................................................................................................7
1
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1
Dinarak| User Protection Policy
8. Breaches of Policy...............................................................................13
1. Document Control
1.1 Table of Abbreviation
Acronym Description
ISMS Information Security Management System
2
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1
Dinarak| User Protection Policy
2. Introduction
2.1 Purpose
The User Protection Policy serves to establish a comprehensive set of guidelines aimed at
safeguarding the confidentiality, integrity, and availability of sensitive information, with a
primary focus on user protection. This policy outlines measures to ensure the secure
handling of user-related information. By adhering to the principles in this policy,
organizations can create a secure and trusted environment that protects user rights and
privacy throughout the information processing lifecycle.
2.2 Scope
All personnel, including employees, staff, and third parties affiliated with or engaged in
activities with DINARAK , are obligated to adhere to the standards outlined in this policy
when delivering any services to clients.
3
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1
Dinarak| User Protection Policy
2.5 Responsibilities
Managers, supervisors, and employees within DINARAK bear the responsibility for
executing this policy within the boundaries of their roles, ensuring that all fellow
employees and team members comprehend their duties regarding the provision of
services to clients.
4
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1
Dinarak| User Protection Policy
Cybersecurity Training:
- DINARAK mandates yearly cybersecurity training for all information systems users,
covering acceptable use policies and good computing practices.
5
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1
Dinarak| User Protection Policy
4. Password Policy
The Password Policy outlines the creation, management, and protection of
passwords within the organizational information security management system.
This policy aims to fortify authentication mechanisms, thereby enhancing
overall security measures.
The focus is on safeguarding sensitive data and critical systems from
unauthorized access, ensuring the integrity and confidentiality of information
assets. Adherence to this policy is essential for cultivating a secure computing
environment that not only meets ISO 27001 principles but also promotes a
robust defense against potential security threats.
6
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1
Dinarak| User Protection Policy
7
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1
Dinarak| User Protection Policy
8
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1
Dinarak| User Protection Policy
9
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1
Dinarak| User Protection Policy
10
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1
Dinarak| User Protection Policy
• Device’s camera and/or video capabilities are/are not disabled while on-site
• The following apps are permitted: (include a detailed list of apps, such as weather,
productivity apps, Facebook, etc., which will be permitted)
• The following apps are not permitted: (apps not downloaded through iTunes or
Google Play, etc.)
• Devices must not be used at any time to: - Store or transmit illicit materials
11
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1
Dinarak| User Protection Policy
13
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1
Dinarak| User Protection Policy
8. Breaches of Policy
DINARAK will take all necessary measures to remedy any breach of this policy including
the use of our disciplinary or contractual processes where appropriate.
14
Document Classification: Internal Use
Document ID: DINARAK-ISMS-UPP-001
Version No.:0.1