Asset Protection

In accordance with the CKCustom Security Consultants' Client, Data Classification Policy, all information systems that create, receive, store, or transmit data classified as ‘Confidential’ must adhere to the authentication and authorization principles of this document.

Entities Affected By This Policy

The Client, and Client Business, and all personnel

Reason for Policy

State and federal regulations, as well as general best practices, shape the security and privacy protections that must be afforded to data classified as “Confidential”. This policy addresses regulatory and best practice requirements to ensure proper authentication and authorization to Confidential data.

Principles

Information systems or applications that create, receive, store, or transmit Confidential data (hereafter “Confidential Systems” – see Data Classification policy) must, without exclusion, adhere to the following:

  • Access
  • Unique User Identification