Last Updated: October 11, 2024
1. Introduction
At Aeonaxy, we are committed to ensuring the security of our users’ data and maintaining the integrity of our systems. This Security Policy outlines the measures we take to protect information and our expectations for users in helping to maintain a secure environment.
2. Data Protection
2.1 Encryption:
- We use industry-standard encryption protocols to protect data in transit and at rest.
- All sensitive data, including passwords and personal information, is encrypted using strong algorithms.
2.2 Data Access:
- We follow the principle of least privilege, ensuring employees only have access to the data necessary for their roles.
- All access to user data is logged and regularly audited.
2.3 Data Backups:
- We perform regular backups of all critical data.
- Backups are encrypted and stored in secure, geographically diverse locations.
3. Network Security
3.1 Firewalls and Intrusion Detection:
- Our networks are protected by enterprise-grade firewalls.
- We employ intrusion detection and prevention systems to monitor for and block suspicious activities.
3.2 Regular Scans and Audits:
- We conduct regular vulnerability scans and penetration tests on our systems.
- Third-party security audits are performed annually.
4. Application Security
4.1 Secure Development Practices:
- Our development team follows secure coding practices and undergoes regular security training.
- All code changes undergo security review before deployment.
4.2 Regular Updates:
- We promptly apply security patches to all systems and dependencies.
- Users are notified of any security-related updates to our applications.
5. Physical Security
5.1 Data Centers:
- Our servers are housed in secure data centers with 24/7 monitoring, biometric access controls, and redundant power systems.
5.2 Office Security:
- Our offices have controlled access systems and surveillance cameras.
- All employees undergo background checks and sign confidentiality agreements.
6. Incident Response
6.1 Response Team:
- We maintain a dedicated incident response team ready to address any security issues.
6.2 Notification:
- In the event of a data breach, we will promptly notify affected users and relevant authorities as required by law.
7. User Responsibilities
7.1 Account Security:
- Users are responsible for maintaining the confidentiality of their account credentials.
- We strongly recommend using strong, unique passwords and enabling two-factor authentication where available.
7.2 Reporting Security Issues:
- Users are encouraged to report any suspected security issues to security@aeonaxy.com.
8. Compliance
8.1 Regulatory Compliance:
- We comply with relevant data protection regulations, including GDPR and CCPA where applicable.
8.2 Industry Standards:
- Our security practices align with industry standards such as ISO 27001 and NIST Cybersecurity Framework.
9. IoT Device Security
9.1 Secure by Design:
- Our IoT devices are designed with security in mind, including secure boot processes and encrypted communication.
9.2 Regular Updates:
- We provide regular security updates for our IoT devices and encourage users to keep their devices up to date.
10. Third-Party Vendors
10.1 Vendor Assessment:
- We carefully assess the security practices of our third-party vendors and partners.
10.2 Data Processing Agreements:
- We enter into data processing agreements with vendors who handle user data to ensure they maintain appropriate security measures.
11. Security Awareness
11.1 Employee Training:
- All employees undergo regular security awareness training.
11.2 User Education:
- We provide resources and guidelines to help our users maintain security best practices.
12. Policy Updates
We regularly review and update this Security Policy to reflect changes in our practices and to respond to new security challenges. Users will be notified of significant changes.
13. Contact Us
If you have any questions about our Security Policy or practices, please contact us at:
Email: contact@aeonaxy.com