Cybersecurity Policy

At 7 Knots Digital, we take the security of our company and our clients’ information very seriously. In order to maintain the highest level of integrity and confidentiality, we have implemented the following cybersecurity measures:

Security controls: All employees are required to use strong passwords and regularly update them. In addition, all employees must use two-factor authentication (2FA) when logging into their individual email accounts.
Data ownership responsibilities: All employees are responsible for protecting the data they access and handle. This includes keeping passwords confidential, and using secure methods for sending and receiving files sensitive client data that includes PII or Personally Identifiable Information (such as a secure FTP), and logging out of systems when not in use.
Maintenance of security infrastructure: Our IT systems are managed by our internal team In addition, we work with business partners who also maintain high standards of security when handling limited data services on our behalf. All employees must have anti-virus protection installed on their personal computers.
Confidentiality: We treat our clients’ affairs as confidential and take all necessary precautions to prevent unauthorized disclosure of proprietary processes and confidential information.
Device Security: Employees are required to protect their company laptops or company smartphones with strong passwords and up-to-date security software.

They are also required to report any lost or stolen devices to the IT department immediately.

Email security: Employees will be trained on how to identify phishing emails andother cyber threats, and are required to report any suspicious emails to the IT department.
Network security: We have a secure network in place, with access controls in place to prevent unauthorized access. Employees are required to use only company-approved devices and software to access the network including Shared Team Drive and Client Folders.
Remote work security: We require all employees to use a virtual private network (VPN) when accessing sensitive data (credit cards and personal identifying information) in locations other than their home.
Password management: We have a password management policy in place to ensure that employees use strong and unique passwords for all company systems and accounts. You are required to use our approved password manager to generate and store secure passwords.

By acknowledging this policy, employees agree to adhere to these cybersecurity measures and protect the confidentiality of our company and our clients.