0% found this document useful (0 votes)

33 views4 pages

Thermodyne Cybersecurity Policy Document

The Cybersecurity Policy for Thermodyne Engineering Systems aims to protect digital assets and sensitive data from cyber threats while ensuring compliance with regulations. It outlines the responsibilities of employees, vendors, and IT staff, as well as guidelines for acceptable use, access control, password management, and incident reporting. The policy also includes provisions for training, auditing, and consequences for violations, with an annual review process in place.

Uploaded by

lalit.jangid

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOC, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

33 views4 pages

Thermodyne Cybersecurity Policy Document

Uploaded by

lalit.jangid

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOC, PDF, TXT or read online on Scribd

Cybersecurity Policy

Organization: Thermodyne Engineering Systems

Effective Date: [Insert Date]
Policy Version: 1.0
Approved By: [Insert Name / Position]

1. Purpose
This Cybersecurity Policy establishes a framework to protect Thermodyne Engineering
Systems's digital assets, systems, networks, and sensitive data from unauthorized access, cyber
threats, and misuse. It aims to safeguard business continuity, maintain data integrity, and ensure
compliance with national cybersecurity regulations.

2. Scope
This policy applies to:

 All employees (permanent, temporary, contract)

 Vendors, consultants, and third-party service providers
 All IT assets (desktops, laptops, mobile devices, ERP, finance systems, CCTV, servers)
 All communication tools and data transfer mechanisms (email, USB, cloud)

3. Roles & Responsibilities

Role Responsibility
IT Administrator Manage firewalls, antivirus, system updates, backups
Department Heads Ensure team compliance with policy
Users (All Employees) Follow best practices for data and system security
Third-party Vendors Secure data access as per contract; follow NDA guidelines
[Optional] Security Lead Oversee security audits, incident response, and awareness

4. Acceptable Use Policy

 Company systems are to be used only for authorized business purposes.
 Use of unauthorized software, personal USBs, or cloud services (e.g., Google Drive,
Dropbox) is prohibited.
 Internet access must not be used for illegal, inappropriate, or malicious activities.
 Personal email accounts must not be used to share business data.
5. System Access Control
 Access to systems (ERP, finance software, shared folders) must be role-based.
 Users must not share login credentials.
 All systems must have automatic session timeouts (e.g., 15 minutes).
 Remote access (e.g., VPN) must be approved and logged.

6. Password & Authentication Standards

 Passwords must be:
o Minimum 8 characters

o Include upper/lower case letters, numbers, and a symbol

 Change passwords every 90 days

 Enable multi-factor authentication (MFA) where available
 Do not write down or share passwords

7. Endpoint Security
 All company devices must:
o Have up-to-date antivirus software

o Be protected by strong passwords or biometrics

o Be reported immediately if lost or stolen

 Removable media (USBs) must be scanned before use

8. Email & Communication Security

 Do not open suspicious attachments or links from unknown senders.
 All official communication should be done via company email.
 Report phishing attempts to the IT team immediately.

9. Data Backup & Recovery

 Regular automatic backups must be taken for:
o ERP system

o Petty cash and financial records

o Inventory and stores data

 Backups must be:

o Encrypted

o Stored offline or in a secure cloud

o Tested monthly for restoration

10. Software & Patch Management

 Only licensed and approved software is allowed.
 IT must:
o Keep systems updated with the latest patches

o Schedule monthly patch reviews

 Users must not install or update software on their own.

11. Incident Reporting & Response

 All cybersecurity incidents (e.g., malware, phishing, data breach) must be reported to IT
within 30 minutes.
 The IT team will:
1. Contain and assess the incident
2. Notify management and, if needed, legal authorities
3. Document the response and implement corrective actions

12. Third-Party & Vendor Security

 Vendors accessing systems or data must:
o Sign NDA and data processing agreements

o Use secure access methods (e.g., restricted VPN or monitored access)

o Undergo periodic security assessments

13. Training & Awareness

 All employees must:
o Complete cybersecurity awareness training during onboarding

o Undergo annual refresher courses

o Be aware of social engineering, phishing, and ransomware threats

14. Compliance & Auditing

 Quarterly internal audits will be conducted for:
o Access logs

o Antivirus/patching status

o Policy adherence

 Non-compliance may result in disciplinary action or contract termination

15. Policy Violations

Violations of this policy may lead to:

 Formal warnings
 Suspension of access rights
 Termination of employment or vendor agreement
 Legal action in case of willful damage or data theft

16. Policy Review

This policy will be reviewed annually, or earlier if:

 New threats or vulnerabilities emerge

 Legal or business requirements change
 A major cybersecurity incident occurs

A Network Security Policy
No ratings yet
A Network Security Policy
3 pages
Physical and Environmental Security Policy
No ratings yet
Physical and Environmental Security Policy
4 pages
Information Security Policy Overview
No ratings yet
Information Security Policy Overview
14 pages
Information Security Policy Overview
No ratings yet
Information Security Policy Overview
5 pages
University Network Security Policy
No ratings yet
University Network Security Policy
8 pages
Security Policy for IT Organizations
No ratings yet
Security Policy for IT Organizations
33 pages
GlobeNet Information Security Policy
No ratings yet
GlobeNet Information Security Policy
27 pages
KMC Information Security Policy Overview
No ratings yet
KMC Information Security Policy Overview
46 pages
Amplitude Security Incident Response Plan
No ratings yet
Amplitude Security Incident Response Plan
6 pages
NIST Acceptable Use Policy Overview
No ratings yet
NIST Acceptable Use Policy Overview
10 pages
User Account Management Policy
No ratings yet
User Account Management Policy
8 pages
Maine Configuration Management Policy
No ratings yet
Maine Configuration Management Policy
17 pages
IT Information Security Policy Overview
No ratings yet
IT Information Security Policy Overview
16 pages
FIF Acceptable Use Policy Overview
No ratings yet
FIF Acceptable Use Policy Overview
9 pages
Change Management Policy Overview
No ratings yet
Change Management Policy Overview
18 pages
Fort I Net Open Ports
No ratings yet
Fort I Net Open Ports
14 pages
Asset Management Procedure for Peru
No ratings yet
Asset Management Procedure for Peru
15 pages
CISCO Best Practices White Paper - Network Security Policy
No ratings yet
CISCO Best Practices White Paper - Network Security Policy
7 pages
Disaster Recovery Policy Template
No ratings yet
Disaster Recovery Policy Template
2 pages
IT Acceptable Use Policy Overview
No ratings yet
IT Acceptable Use Policy Overview
24 pages
Maynooth University Network Security Policy
No ratings yet
Maynooth University Network Security Policy
6 pages
Security Management Policy
No ratings yet
Security Management Policy
8 pages
Firewall Policy Template Overview
No ratings yet
Firewall Policy Template Overview
7 pages
CyberSecure Inc. Incident Response Plan
No ratings yet
CyberSecure Inc. Incident Response Plan
6 pages
BakeTrack Cybersecurity Policy Overview
No ratings yet
BakeTrack Cybersecurity Policy Overview
10 pages
Removable Media Security Policy
No ratings yet
Removable Media Security Policy
9 pages
Network Security Policy Template
No ratings yet
Network Security Policy Template
7 pages
Network Security Policy Overview
100% (1)
Network Security Policy Overview
8 pages
Clear Desk & Screen Policy: © Distributed by Under A
No ratings yet
Clear Desk & Screen Policy: © Distributed by Under A
5 pages
Cyber Security Awareness Training Guide
No ratings yet
Cyber Security Awareness Training Guide
15 pages
Change Management Policy
No ratings yet
Change Management Policy
21 pages
Access Control Concepts in Cybersecurity
No ratings yet
Access Control Concepts in Cybersecurity
24 pages
Information Assets Overview for SparQ
No ratings yet
Information Assets Overview for SparQ
8 pages
Acceptable Use Policy For Communications
No ratings yet
Acceptable Use Policy For Communications
11 pages
ISO 27001:2013 Security Controls Overview
No ratings yet
ISO 27001:2013 Security Controls Overview
14 pages
Access Control Policy Overview
No ratings yet
Access Control Policy Overview
5 pages
Presentation On Security Awareness and Security Policy
No ratings yet
Presentation On Security Awareness and Security Policy
7 pages
Cybersecurity Policies for Organizations
No ratings yet
Cybersecurity Policies for Organizations
16 pages
Sacramento State Access Review Procedure
No ratings yet
Sacramento State Access Review Procedure
4 pages
Premier Bank ICT Policy Version 2.3
No ratings yet
Premier Bank ICT Policy Version 2.3
104 pages
Cyber Security Incident Response Guide
No ratings yet
Cyber Security Incident Response Guide
14 pages
Acceptable Use Policy Overview
No ratings yet
Acceptable Use Policy Overview
35 pages
Acceptable Use Policy for IT Assets
No ratings yet
Acceptable Use Policy for IT Assets
16 pages
IT Backup Policy Guidelines
No ratings yet
IT Backup Policy Guidelines
2 pages
A2Telecom Information Protection Policy
No ratings yet
A2Telecom Information Protection Policy
8 pages
ICT User Access Management Policy
No ratings yet
ICT User Access Management Policy
17 pages
BYOD Security Policy Overview
No ratings yet
BYOD Security Policy Overview
4 pages
Information Security Policy Overview
No ratings yet
Information Security Policy Overview
11 pages
Reevaluating Password Security Policies
No ratings yet
Reevaluating Password Security Policies
12 pages
Enhancing Workplace Security Awareness
No ratings yet
Enhancing Workplace Security Awareness
36 pages
DHL Vulnerability Management Policy
No ratings yet
DHL Vulnerability Management Policy
22 pages
Cybersecurity Strategy Implementation Plan
No ratings yet
Cybersecurity Strategy Implementation Plan
6 pages
Information Security Policy Overview
No ratings yet
Information Security Policy Overview
20 pages
Essential Core IT Policies Overview
No ratings yet
Essential Core IT Policies Overview
1 page
Godrej Information Security Policy 2023
No ratings yet
Godrej Information Security Policy 2023
41 pages
Cybersecurity Policy and Risk Assessment
No ratings yet
Cybersecurity Policy and Risk Assessment
2 pages
Cybersecurity Policy Template
100% (1)
Cybersecurity Policy Template
3 pages
Cyber Security Policy Overview
No ratings yet
Cyber Security Policy Overview
5 pages
Information Technology Policy
No ratings yet
Information Technology Policy
6 pages
TechNova Information Security Policy
No ratings yet
TechNova Information Security Policy
3 pages
Employee Satisfaction Survey Overview
No ratings yet
Employee Satisfaction Survey Overview
3 pages
Overtime Schedule and Calculations
No ratings yet
Overtime Schedule and Calculations
19 pages
Attendance Record Summary
No ratings yet
Attendance Record Summary
2 pages
Labor Rights Compliance Checklist
No ratings yet
Labor Rights Compliance Checklist
2 pages
Store SOP for Boiler Manufacturing Unit
No ratings yet
Store SOP for Boiler Manufacturing Unit
5 pages
SOP for Boiler Purchase Procedures
No ratings yet
SOP for Boiler Purchase Procedures
5 pages
Plant Compliance and People Management Guide
No ratings yet
Plant Compliance and People Management Guide
1 page
Quality Systems for Boilers & Pressure Vessels
No ratings yet
Quality Systems for Boilers & Pressure Vessels
4 pages
Collecting Logs on SLES 11 SP2
No ratings yet
Collecting Logs on SLES 11 SP2
75 pages
ETL Processes in Hadoop for Data Engineering
No ratings yet
ETL Processes in Hadoop for Data Engineering
9 pages
Software Development and Testing Insights
No ratings yet
Software Development and Testing Insights
4 pages
Pandas DataFrame Manipulation Guide
No ratings yet
Pandas DataFrame Manipulation Guide
3 pages
Software Architect Roadmap Overview
No ratings yet
Software Architect Roadmap Overview
1 page
OpenText Intelligent Capture CE 22.4 - Installation Guide English (ECPCORE220400-IGD-En-01)
100% (1)
OpenText Intelligent Capture CE 22.4 - Installation Guide English (ECPCORE220400-IGD-En-01)
276 pages
Real-Life Applications of Stacks
No ratings yet
Real-Life Applications of Stacks
5 pages
Fog Computing: Benefits and Challenges
No ratings yet
Fog Computing: Benefits and Challenges
16 pages
Integration Expertise in MuleSoft & TIBCO
No ratings yet
Integration Expertise in MuleSoft & TIBCO
1 page
Databases for Data Analytics in Coursera
No ratings yet
Databases for Data Analytics in Coursera
2 pages
Introduction to Database Management Systems
No ratings yet
Introduction to Database Management Systems
3 pages
Google Data Analytics Professional - Certificate Tushar - Zanke
No ratings yet
Google Data Analytics Professional - Certificate Tushar - Zanke
1 page
Quantitative Analyst Profile: Harsh Rana
No ratings yet
Quantitative Analyst Profile: Harsh Rana
1 page
Overview of Hitachi HDLM Software
No ratings yet
Overview of Hitachi HDLM Software
4 pages
Data Management Principles Explained
No ratings yet
Data Management Principles Explained
3 pages
Python For Astronomers (Pasha-Agostino)
No ratings yet
Python For Astronomers (Pasha-Agostino)
57 pages
SAP R 3 IDoc Cookbook For EDI and Interf
No ratings yet
SAP R 3 IDoc Cookbook For EDI and Interf
160 pages
DataOps: Evolving Data Analytics Processes
No ratings yet
DataOps: Evolving Data Analytics Processes
10 pages
Agile Software Development Overview
No ratings yet
Agile Software Development Overview
49 pages
English Exam Literature Daf 202308
No ratings yet
English Exam Literature Daf 202308
20 pages
Graphic Era Freshers Party Organizer
No ratings yet
Graphic Era Freshers Party Organizer
21 pages
50 Unique Python Project Ideas with Features
No ratings yet
50 Unique Python Project Ideas with Features
23 pages
Pandas Data Analysis Toolkit Overview
No ratings yet
Pandas Data Analysis Toolkit Overview
95 pages
DBMS Put Set 2 2025-26
No ratings yet
DBMS Put Set 2 2025-26
3 pages
Creating Secrets in Databricks
No ratings yet
Creating Secrets in Databricks
13 pages
SQL Mastery: From Basics to Advanced
No ratings yet
SQL Mastery: From Basics to Advanced
45 pages
ISO 27001:2022 Certification Prep Questionnaire
No ratings yet
ISO 27001:2022 Certification Prep Questionnaire
29 pages
and Install Oracle Application Express
No ratings yet
and Install Oracle Application Express
52 pages
Rest Assured API Testing Overview
No ratings yet
Rest Assured API Testing Overview
15 pages
Data Science Career Launch Program
No ratings yet
Data Science Career Launch Program
13 pages