Information Security Policy

Commitment

At Monstarlab, we aim to exploit technology for its better part. With this in mind, we recognize the utmost importance of information security, and it is our goal to keep all informational and

physical assets safe and sound. We are fully aware of the importance of maintaining the availability, confidentiality and integrity of information related to Monstarlab, our employees, clients and other partners. Therefore, we have established and set up an information management system to protect all necessary assets.

At Monstarlab, we are making continuous improvements regarding information security and follow regulations that help us identify information security risks and threats. We actively identify and make clear our liability towards informational assets. Here at Monstarlab, informational assets are stored with the utmost care.

Objectives

We have created an overall approach to information security. The main security objectives of Monstarlab are:

protect our employees' and our client’s data by preventing unauthorized access, modification, misuse and destruction
continuously identify, evaluate, and manage risks, threats and vulnerabilities
perform regular IT and IT Security audits
ensure IT governance by implementing appropriate standards and frameworks
prevent and detect security incidents and apply appropriate controls and countermeasures
preserve our and our client’s reputation
enforce legal responsibilities to comply with applicable legislation, regulations, and contractual requirements
assuring data privacy and safe information handling
ensure we are strong and reliable partner for our clients

Policies

To fulfill our goals in the information security area, we have implemented the following policies to cover all important parts of information security.

Risk Management Policy
P&C Policy
Retention Policy
Mobile Device Management Policy
Asset Management Policy
Background Check Policy
Network Security Policy
Cryptographic & Encryption Policy
Physical Security Policy
IT Infrastructure Policy
Threat Management Policy
VAPT Policy
Log Management Policy
Data Privacy/Breach/Protection Policy
Information Classification and Handling Policy
Identity Management & Access Control Policy
Clear desk and Clear Screen Policy
Change Management Policy
Backup Policy
SDLC Policy
Vendor Management Policy
Incident Management Policy
Internal Audit Policy
Document Management Policy
Cloud Security Policy
BCP/ DRP Policy
Endpoint Protection Policy
DLP Policy
Application Security Policy
PMO Policy

Awareness

At Monstarlab we are fully aware that people are the cornerstone of the company’s security, therefore we continuously improve our employees’ security awareness. All employees, contractors and partners are aware of their individual responsibility to maintain high standards of security.

As an international company Monstarlab implements all security controls globally, irrespective of borders and jurisdictions and makes sure that all our suppliers, agents, consultants or any partner doing business with Monstarlab adheres to equally high security standards.