Information & IT Security
Our defense-in-depth program safeguarding people, processes and technology across CIDCO. Aligned with ISO/IEC 27001:2022 and NIST CSF 2.0.
Key Security Policies
- View
Information Security Policy
Master policy framing the ISMS scope, principles and accountabilities.
- View
Network Security Policy
Segmentation, firewall rules, zero-trust access and remote connectivity.
- View
Access Control Policy
Identity lifecycle, RBAC, privileged access and quarterly recertification.
- View
Incident Response Plan
Detect, contain, eradicate and recover playbooks with RACI matrix.
- View
Cryptography Policy
Approved algorithms, key management and certificate governance.
Security Awareness — Stay Vigilant
- K
MFA on Everything
Use Microsoft Authenticator for all corporate sign-ins. Never approve unexpected prompts.
- F
Spot Phishing
Hover before you click. Report suspicious mail with the 'Report Phishing' button.
- K
Strong Passphrases
Minimum 14 characters. Use a passphrase, not a password. Manage with the corporate vault.
- PC
Lock When You Leave
Win+L every time you step away. Auto-lock kicks in after 5 minutes.
- W
Public Wi-Fi
Always connect through GlobalProtect VPN — never transact on open networks.