Security Tide Software

The purpose of this Security Policy is to protect information belonging to in a secure environment.

This policy informs personnel and other persons authorised to use facilities of the principles governing the possession, use and disposal of information.

It is the goal of that:

  • Information will be protected from unauthorized access or misuse.
  • Confidentiality of information will be protected.
  • The integrity of information will be maintained.
  • Availability of information/information systems will be maintained for service delivery.
  • Business continuity planning processes will be maintained.
  • Regulatory, contractual and legal requirements are met.
  • Physical, logical, environmental and communication security is maintained.
  • Breaches of this policy may result in disciplinary action or criminal prosecution.
  • When information is no longer useful, it will be disposed of appropriately.

Information refers to:

  • Electronic information systems (software, computers and peripherals) owned by, whether deployed or accessed on or off site.
  • computer network used either directly or indirectly.
  • Hardware, software and data owned by
  • Paper-based material.
  • Electronic recording equipment (video, audio, CCTV systems).

Our Security Policy demands a duty of care from all users regarding the operation and use of its information systems.

Authorised users of information systems With the exception of information published for public consumption, all users of information systems must be formally authorised by appointment as a staff member or contractor.
Authorised users shall exercise due care and attention to the protection of information in their personal possession. Confidential, personal or private information may not be copied or transported without:

  • Permission of the owner of the information
  • The risks associated with loss or falling into the wrong hands The manner in which the information will be secured during transport and at the destination
  • Acceptable use of information systems The use of information systems by authorised users will be lawful, honest and proper and will take into account the rights and sensitivities of other people Information System Directors responsible for information systems are required to ensure that:

  • Systems are adequately protected against unauthorised access
  • Systems are protected against theft and damage at a level that is cost effective
  • Adequate steps are taken to ensure the availability of the information system, commensurate with its importance (Business Continuity)
  • Electronic data can be restored in case of loss of the primary source. I.e. failure or loss of a computer system. All system owners must back up the data and be able to restore it to a level commensurate with its importance (Disaster Recovery)
  • Data is maintained with a high degree of accuracy
  • Systems shall be used for their intended purpose and procedures shall be in place to correct detected or reported misuse
  • All electronic access logs are only kept for a justified period of time to ensure compliance with data protection legislation, investigatory powers and freedom of information
  • Any third party who entrusts with data understands their responsibilities with respect to maintaining its security

Personal Information

Authorised users of information systems are not granted a right to privacy with respect to their use of information systems. Authorised officers of may access or monitor personal information in any information system (mailboxes, web access logs, file-store etc).

Persons who violate this policy shall be subject to disciplinary proceedings initiated by the directors responsible for the information system concerned, including referral to the police if necessary. will take legal action to ensure that its information systems are not used by unauthorised persons.