top of page
d3 Solutions - Security Policy


This policy outlines the requirements for ensuring the security of information and technology assets owned or managed by the organisation.


This policy applies to all employees, contractors, and vendors who use or have access to the organisation's information and technology assets.

Roles and Responsibilities

All employees, contractors, and vendors are responsible for complying with this policy and ensuring the security of the organisation's information and technology assets.

Password Security

All users must create strong passwords that meet the following requirements:

-Minimum length of 12 characters
-Combination of uppercase and lowercase letters, numbers, and symbols
-Change every 90 days
-Cannot be reused for at least six previous passwords

Network Security

All network traffic is protected with a firewall and intrusion detection/prevention system. Access to the network is granted on a need-to-know basis and monitored for unauthorised access.

Data Security

All data is classified based on its sensitivity and handled accordingly. Sensitive data is encrypted in transit and at rest. Data backups are performed regularly and stored in a secure location.

Physical Security

All workstations, servers, and other technology assets are physically secured to prevent unauthorised access or theft.

Incident Response

All security incidents are reported to the IT department immediately. An incident response is in place ( refer to incident statement), containing procedures for containing and remedying the incident.


All users must comply with all applicable laws, regulations, and industry standards regarding information security.

Policy Review

This policy is reviewed and updated regularly to ensure its effectiveness and compliance with changing technology and security requirements.

bottom of page