Skip to content

Latest commit

 

History

History
51 lines (43 loc) · 2.9 KB

security-rules.md

File metadata and controls

51 lines (43 loc) · 2.9 KB
title date description authors tags hide_frontmatter
Security Rules
2019-02-21
Keeping laptops and phones secure is vitally important. We're a software company and many of us have access to secure systems (both our own and our customers). The following guidelines apply to how we physically secure our laptops and mobile devices that may contain customer or user data.
han
security
employee
guideline
true

Basic Security

Keeping laptops and phones secure is vitally important. We're a software company and many of us have access to secure systems (both our own and our customers).

The following guidelines apply to how we physically secure our laptops and mobile devices that may contain customer or user data.

General

  • Make a note of serial numbers, model information
  • Two Factor Authentication and strong passwords
  • Keep your operating system and applications up to date
  • Lock your device when you are away from it.
  • Don't leave your devices unattended in an unsecured area.
  • Install a device tracking and remote data wipe tool such as Prey.

Desktop

Mobile

We all use personal mobile devices, so your options are either not to add any company accounts to your phone (this includes Slack, Gmail etc), or to follow the checklist below.

Using Passwords

  • Use a unique password for every account you create.
  • Use a tool like pwgen or 1password to generate random passwords.
  • Use a tool like GnuPG to encrypt passwords if you need to share them with somebody.

Security Report

When someone finds a possible security issue in our software, we encourage them to report it to our security@d.foundation email address.

When an email comes in through this channel, reply quickly with confirmation (and CC security@d.foundation so others know that it has been handled) and the information for our PGP key, which is located at https://d.foundation/security.