Unsecured and vulnerable servers/cloud infrastructures continue to be a major entry point for malicious threat actors. Consistent Server/Cloud installation policies, ownership, and configuration management are all about doing the basics well. This is just a summary of our “Operations Security Policy”, “Physical Security Policy”, “Information Security Policy”, “Human Resource Security Policy” which are available upon request through our
The purpose of this policy is to establish standards for the base configuration of all servers, desktops, laptops, and cloud infrastructure that is owned and operated by The Starware Yazılım Ltd. Effective implementation of this policy will minimize unauthorized access to The Starware Yazılım Ltd. proprietary information and technology.
All employees at The Starware Yazılım Ltd. must adhere to this policy.
All cloud infrastructures are subject to our organization security policy. Which is available upon request through our trust center.
All end devices such as laptops are subject to our organization security policy. Which is available upon request through our trust center. All personal laptops used for work must be encrypted and have a password set and logged in using a Google Workspace account. Miradore and Vanta MDMs should be always running. Devices should not be used for any other purpose other than work. The laptop should be kept up to date with the latest security updates. No customer data should be stored on laptops. Every employee should sign a personal laptop usage agreement which further explains the proper usage of personal laptops.
Changes to the organization, business processes, information processing facilities, production software and infrastructure, and systems that affect information security in the production environment and financial systems shall be tested, reviewed, and approved prior to production deployment. All significant changes to in-scope systems and networks must be documented. You can request our “Operations Security Policy” through our trust center.