mirror of
https://github.com/strongdm/comply
synced 2024-11-17 05:14:55 +00:00
907 B
907 B
name: Application Security Policy acronym: ASP satisfies: TSC: - CC6.2 majorRevisions:
- date: Jun 1 2018 comment: Initial document
Overview
The Application Security Policy governs the use of applications deemed critical to {{.Name} Information Security.
Critical Applications
The following applications are within the scope of this policy:
- GitHub
- Slack
- Google Apps
Applications supporting production data operations (specifically the AWS Console) are deliberately excluded from this policy.
Data Sensitivity
Any company proprietary data may be stored within these [Critical Applications].
Customer support activities must be conducted entirely within the [Critical Applications].
Other Applications
Other applications not listed in [Critical Applications] may include company proprietary data, but must not contain any customer support or customer-owned data.