Security Policy

Copy Magic Security Policies

Premises:

Secure premises monitored by our security company at all times. Shop windows and doors protected with extra layer of protection in case of forced entry.

Secure Paper Shredding and Recycling:

Copy Magic has a contract with sita for secure paper disposal. All paper containing sensitive information must be discarded in the secured blue bin provided by sita. All sensitive information on paper can be disposed as per instructed requirements of the customer.

Key Control:

Mechanical keys are tracked and duplication monitored.

Visitor Management:

All visitors originate from a controlled entry point, receptionist area. Visitors are escorted at all times. Visitors are signed in when needed.

Visitor management policy is communicated clearly to our employees.

Non-Disclosure Agreement:

Our staff understand what information they may and may not pass on. We can enforce a non-disclosure agreement to suit our customers specific needs.

Digital Data:

Access to data whether current or archived is provided only to authorised individuals who, in the course of performing their responsibilities and functions.

All data on the network is protected by Avira AntiVir Professional software, it is automatically updated. The software we use has been effective in handling malicious software such as viruses, spyware, or Trojans. All customer digital media devices and digital files are scanned before use.

Remote access to our internal network by staff and customers is prohibited

All customer digital media is scanned for threats. Any viral infection that is not immediately dealt with by staff is notified to our IT security consultant.

All user data is backed up to a hard drive on a fortnightly basis, using an _____ system for fast indexing and data restoration.

Backups are securely stored.

A second backup of the backup is securely stored off site, in case of catastrophic system loss.

Secure E-Waste Destruction, & Recycling:

Copy Magic's certified e-waste vendor, _________, will securely destroy e-waste.
This vendor was chosen based on requirements for ensuring all e-waste capable of storing
sensitive data is properly destroyed.

Website Security:

The service provider has enabled a firewall and a intruder monitoring system.
The website is actively maintained, reviewed and updated.

Internet Usage:

Downloading by Staff is limited. Only approved websites with secured browsing is allowed.

Email/Social Networking:

Revealing confidential information in emails and social media pages is not allowed

Commitment to improve our IT Security Policy in the following areas:

Authentication - ensuring a user is who he says he is.

Authorisation - controlling what information and applications a user can access.

Privacy and data integritiy - preventing unauthorised users from seeing certain information. 

Preventing unauthorised changes or deletions. 

Disposing of physical information securely along the supply chain.

Non-repudiation - making sure that parties in a transaction can not deny what they said or what they did.

Disaster recovery and contingency planning.

Physical security.