Security Policy
Security Information for the General Public
  • All information generated, acquired or held in custody by Microware, regardless of the way of presentation or storage, is an important asset of the company and must be properly protected.

  • Microware’s information should be classified into one of the following categories: confidential, restricted, internal, and public. All Information, while not properly classified and officially disclosed, is considered unclassified. Based on the rating assigned, all disclosure of information must be controlled.
 
  • Copying for personal use or disclosure of Microware information is not allowed. All information must have an owner or person responsible, and he/she is responsible for authorizing access to the information, as well as classifying it as confidential, restricted, internal and public. Confidential and restricted information cannot be accessed or copied to media, and to external environments (including the Internet) without proper authorization.
  • Security incidents can be reported anonymously on the Security Incident Form located on the side of this page.
Security Information for Employees, Service Providers and other Authorized Users
  • Confidential information can only be transmitted or stored when there is an authorization from the person responsible for the information in accordance with the Policy on the Use of Cryptographic Controls.
 
  • Information must be handled and stored securely and properly discarded when no longer needed in accordance with the Information Classification and Treatment Policy.
 
  • When discarding any information, when it is in paper form, it must be taken to the shredder and the Clean Table and Clean Screen Policy of the quality/safety sector must be complied with. When referring to network devices such as hard disk (for example, for the reason of equipment reformatting), they must have performed the routines (for example, wipe disk, before installing the new operating system) described in the Classification and Treatment Policy of Information.​
 
  • Confidential or restricted information should not be left on your desk, in a drawer or locker without a key. Similar care applies to printed material left in printer bins/trays.
 
  • It is expressly forbidden for Confidential and/or Restricted information to remain in the “Public” directory of the Microware network, even for a short period, the repository will be audited for information security at any time. When leaving their station, even for a short period, the employee must lock with a password to protect it from unauthorized access.
 
  • Employees, service providers and other authorized users are responsible for ensuring the security of the information under their care, and they are not allowed to disclose it without prior authorization.

  • Security incidents must be reported to the Information Security area or to the immediate supervisor.