mirror of
https://github.com/strongdm/comply
synced 2024-07-17 00:00:37 +00:00
33 lines
907 B
Markdown
33 lines
907 B
Markdown
name: Application Security Policy
|
|
acronym: ASP
|
|
satisfies:
|
|
TSC:
|
|
- CC6.2
|
|
majorRevisions:
|
|
- date: Jun 1 2018
|
|
comment: Initial document
|
|
---
|
|
|
|
# Overview
|
|
|
|
The Application Security Policy governs the use of applications deemed critical to {{.Name} Information Security.
|
|
|
|
# Critical Applications
|
|
|
|
The following applications are within the scope of this policy:
|
|
|
|
* GitHub
|
|
* Slack
|
|
* Google Apps
|
|
|
|
Applications supporting production data operations (specifically the AWS Console) are deliberately excluded from this policy.
|
|
|
|
# Data Sensitivity
|
|
|
|
Any company proprietary data may be stored within these *[Critical Applications]*.
|
|
|
|
Customer support activities must be conducted entirely within the *[Critical Applications]*.
|
|
|
|
# Other Applications
|
|
|
|
Other applications not listed in *[Critical Applications]* may include company proprietary data, but must not contain any customer support or customer-owned data. |