Access control policy

While the work on releasing industry-class documented access control policy is still a work in progress, as young company we implemented following internal procedures to make sure we have culture & discipline on this matter:
 
 
  • All employees at SpatialChat must use their @spatial.chat email accounts to access internal services
  • Each employee has access only to those services that they need according to their scope of work, e.g.
  • Backend engineers have access to servers and database, however they don't have access to customer billing data or finance data
  • Support engineers don’t have access to any server infrastructure, but they have access to customer data (in order to be able to issue a payment refund, help with SpatialChat space setup, etc)
  • All access is revoked from an employee within 3 calendar days after contract termination, and when reasonably possible - immediately
  • Employees must have latest anti-virus software on their personal computers
  • Employees shall use complex passwords for their work user accounts (min. 8 symbols, upper case letter, lower case letters, numbers and special symbols)
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.