Version: 1.0

Approved By: Richard D’Lonesteen

Created at: 12/08/2023

Introduction

This document outlines ChattyAI’s commitment to maintaining the security and integrity of its data and information systems, especially considering our adherence to GDPR standards. Given our remote work setting, it's crucial that all employees adhere to the following policies to protect both our company and client data.

1. Secure Work Policy

As part of ChattyAI's team, employees are required to create and maintain a physically secure workspace in their home environment. This policy aims to mitigate risks associated with unauthorized access, theft, and accidental damage.

Guidelines:

• Workspace Security: Ensure that your home office is in a designated space where access can be controlled. Sensitive information displayed on your screen should not be visible to others.
• Device Lock: Always lock your devices (computers, phones, tablets) when not in use. Set an automatic lock on devices for periods of inactivity, preferably 5 minutes or less.
• Secure Storage: Documents containing sensitive information must be stored securely, either in locked storage when physical copies exist or within secured drives for digital formats.

2. Home Network Security

Securing your home network is essential to prevent unauthorized access to ChattyAI's data and systems. Safe practices protect against potential cyber-attacks and data breaches.

Recommendations:

• WiFi Security: Use WPA2 or WPA3 encryption for your home WiFi network. Avoid WEP or unsecured networks.
• Change Default Passwords: Default router passwords must be changed upon installation and updated regularly. Use complex passwords that are difficult to guess.
• Firmware Updates: Ensure your router and any network devices are running the latest firmware version to protect against vulnerabilities.

3. Device Security