CBS

Security Policy

CBS FoodTech Information Security Policy

Effective Date: 01/01/2023

Revision Date: 13/09/2023

Introduction

This Information Security Policy ("Policy") establishes the framework within which CBS FoodTech ("Company", "We", "Us", "Our") manages its information security program. This Policy is applicable to all employees, contractors, and third-party service providers who have access to Company systems ("Users").

Objective

To protect the integrity, confidentiality, and availability of information assets owned, leased, or otherwise used by CBS FoodTech.

Scope

This Policy applies to all information—regardless of medium or format—created, received, maintained, or transmitted by the Company, including but not limited to, physical and electronic data.

Policy Statements

Data Classification

All Company data must be classified into one of the following categories:

  1. Public: Information that can be disclosed to the public without any repercussions.
  2. Internal: Information that should not be disclosed to the public but is not harmful if leaked.
  3. Confidential: Sensitive business information that unauthorized disclosure could result in severe damage.
  4. Restricted: Highly sensitive information with restricted access, usually regulated by law.

Access Control

  1. Access to information and systems shall be granted based on the principle of "least privilege."
  2. Multi-factor authentication shall be implemented wherever feasible.

Physical Security

  1. Physical access to critical infrastructure areas is restricted.
  2. Surveillance cameras are deployed at key areas.

Network Security

  1. Firewalls shall be configured to block all unnecessary ports.
  2. Network monitoring tools will be used to detect and alert anomalous behavior.

Incident Response

  1. Any suspected security incident must be reported immediately to the IT Security Team.
  2. A post-incident review will be conducted for all incidents.

Security Training

  1. All Users are required to complete an annual Information Security Awareness Training.

Compliance and Auditing

  1. Regular audits will be conducted to ensure compliance with this Policy and any applicable laws.

Enforcement

Failure to comply with this Policy may result in disciplinary actions up to and including termination.

Changes and Updates

This Policy may be revised at the discretion of the Company. Notification of changes will be communicated through Company channels.

Contact Information

For questions or concerns regarding this Policy, please contact:

By clicking 'Accept All' you consent that we may collect information about you for various purposes, including: Functionality, Statistics and Marketing