d3 Solutions - Data Security & Storage
This policy outlines the procedures for storing and securing sensitive data.
Sensitive data is stored in secure locations such as encrypted hard drives or secure cloud storage. Personal storage devices are prohibited.
Regular backups of sensitive data is performed and stored in a secure location.
Backups are encrypted and accessible only to authorised personnel.
Sensitive data is retained for as long as required by legal and regulatory requirements. Once the retention period expires, the data is be securely deleted or destroyed.
Sensitive data is protected against unauthorised access, modification, or destruction. Access to sensitive data is granted only to authorised personnel and protected by strong passwords and two-factor authentication. Devices and systems that store or access sensitive data is regularly updated with security patches and anti-virus software.
Security breaches are reported immediately to the appropriate personnel. A response plan is in place to contain the incident and minimise potential damage.
Training and Awareness
Employees receive regular training on data storage and data security best practices, including how to handle sensitive data, identify security threats, and report incidents.
This policy complies with all applicable laws and regulations governing data storage and data security in Singapore.
Review and Update
This policy will be reviewed and updated annually or as necessary to ensure it remains effective and compliant with current laws and regulations.
*This document was last updated on Dec 1, 2022