Jingga/Organization-Guide
1
0
Fork 0
mirror of https://github.com/Karaka-Management/Organization-Guide.git synced 2026-01-10 20:48:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

linting fixes

Browse Source
This commit is contained in:
Dennis Eichhorn 2023-09-21 02:21:29 +02:00
parent 642e57e522
commit c9b186c8dd
3 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Legal/Terms_en.md
View File

@ -114,4 +114,4 @@ By continuing to access or use Our SERVICE after those revisions become effectiv
All agreements made between the Company and You for the purpose of executing any SERVICES shall be in writing.
Version 2023-09-05
Version 2023-09-05

6
Policies & Guidelines/IT/Backup & Data Recovery.md
View File

@ -10,7 +10,7 @@ The loss of data can have detrimental effects on the activities of the organizat
## Goal
A complete mitigation of the risks is almost impossible. However, measures must be implemented which mitigate the risks as low as reasonably possible. Data backup should allow the organization to resume its activities as quickly as possible (ideally within 1-2 hours) without substantial loss of data.
A complete mitigation of the risks is almost impossible. However, measures must be implemented which mitigate the risks as low as reasonably possible. Data backup should allow the organization to resume its activities as quickly as possible (ideally within 1-2 hours) without substantial loss of data.
## Implementation
@ -38,7 +38,7 @@ This type of backup is done incrementally, meaning only changes are stored.
### Manual backup
Once a quarter a full data backup (clone) is created and stored on an external storage device. The purpose of these backups are to provide long term backups which are not replaced/overwritten. Additionally, these backups provide some fall back solution for sleeper malware or malware which encrypts backup files. Only 4 quarters at a maximum are allowed to be stored on the same hard drive. The backup is stored in a separate building than the main backup or in a bank vault.
Once a quarter a full data backup (clone) is created and stored on an external storage device. The purpose of these backups are to provide long term backups which are not replaced/overwritten. Additionally, these backups provide some fall back solution for sleeper malware or malware which encrypts backup files. Only 4 quarters at a maximum are allowed to be stored on the same hard drive. The backup is stored in a separate building than the main backup or in a bank vault.
## Data storage
@ -46,7 +46,7 @@ The data should be stored in such a way that only authorized personnel has acces
## Reconstruction
The data reconstruction is documented in a reconstruction tutorial in the IT processes. During the reconstruction it may be necessary to put a higher priority on files and data which are more important for the ongoing organization activities (e.g. customer data, source code data).
The data reconstruction is documented in a reconstruction tutorial in the IT processes. During the reconstruction it may be necessary to put a higher priority on files and data which are more important for the ongoing organization activities (e.g. customer data, source code data).
## Responsibility

4
Policies & Guidelines/IT/IT Security.md
View File

@ -20,11 +20,11 @@ Passwords protect confidential company data, as well as customer and supplier da
#### Change interval
Additionally, if it is possible to define a password change interval it should be set to once a year. This way passwords don't become stale and in case of a password leak get rotated out. Shorter password change intervals could lead to friction for the employees resulting in a security fatigue.
Additionally, if it is possible to define a password change interval it should be set to once a year. This way passwords don't become stale and in case of a password leak get rotated out. Shorter password change intervals could lead to friction for the employees resulting in a security fatigue.
### Access Restrictions
Every user must have their own user-ID and authentication. The user can be assigned to multiple groups. Permissions can be granted for groups and individual users.
Every user must have their own user-ID and authentication. The user can be assigned to multiple groups. Permissions can be granted for groups and individual users.
In general only whitelist user access permissions instead of blacklisting them. In other words don't be afraid to create multiple accounts or user groups for single applications and only give them reading/writing/execution permissions to directories and files they need access to.