Cyber Security Breach Notification Process

This document outlines procedures and protocols for notification of and response to a security incident or breach involving data processed and/or maintained by Matidor.com (“Company”).

SECURITY INCIDENT REPORTING & INVESTIGATION PROTOCOL

Security Incident Reporting

  • In the event that a Company employee identifies a potential security incident involving a computer, the computer shall first be disconnected from the network, then shut down. In all instances, the personnel will await further instructions from the Chief Technology Officer prior to continued operation of the computer.
  • Any employee or data owner who believes that a security incident has occurred shall immediately notify the Chief Technology Officer.
  • Upon notification by an employee, the Chief Technology Officer shall promptly conduct a Security Incident Investigation.

Security Incident Investigation

  • The Chief Technology Officer will conduct an investigation into the security incident to determine whether there has been a security breach. All investigatory work will be documented within a Confidential Information Security Incident Report by the Chief Technology Officer.
  • Low/No Risk Incident: A Low/No Risk incident typically involves, but is not limited to, an instance in which an employee observes a problem on a computer. The computer may have been compromised due to a form of malware installed on the computer. The employee shall consult with the data security team to determine the level of risk of the incident. If the incident is determined to be “Low/No Risk”, the data security team will work with the employee to address the incident.
  • High Risk Incident: A High Risk incident typically involves, but is not limited to, an instance in which Network Services notices an alert or spike in network activity. The computer may have been compromised due to remote program execution, unusual data traffic, RTP services, etc. The employee shall immediately notify the Chief Technology Officer, and work with the data security team to conduct an investigation. The investigation may include follow-up interviews with the employee and the data security team.
  • Upon completion of forensic analysis and interviews, the Chief Technology Officer and data security team will meet to review all evidence and determine if there was a security breach. If there was no breach, the data security team will work with the employee to address the incident.

SECURITY BREACH NOTIFICATION PROTOCOL

Internal Notifications

  • If it is determined after investigation that a security breach involving notice-triggering information has occurred, the Chief Technology Officer shall notify the Chief Executive Officer and the general counsel.
  • The Chief Technology Officer will notify the responsible department, confirming the security breach of notice-triggering information, and will provide advice and guidance.
  • The Chief Technology Officer shall also initiate the company breach notification process and work closely with the Department Leads responsible for controlling access to, and security of, the breached electronic equipment to ensure the appropriate handling of the breach response and inquiries. The Chief Technology Officer will provide guidance to designated employees responsible for responding to breach notification inquiries.

External Notification

  • Notification of Affected Customers: The department or office responsible for controlling access to, and security of, the breached electronic equipment shall compile the list of the customer accounts whose data was, or is reasonably believed to have been, acquired by an unauthorized person.
  • The process for identifying affected individuals as part of a notification shall be included in the Confidential Information Security Incident Report.

Notification Timing

  • Customer accounts whose notice-triggering information has been compromised shall be notified in the most expedient time possible, and without unreasonable delay, consistent with the legitimate needs of law enforcement or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system. The information considered when determining the notification date shall be included within the Confidential Information Security Incident Report.

Content of Notice

  • The breach notification will provide a brief description of the security breach, a contact for inquiries, and helpful references to individuals regarding identity theft and fraud. The content of the breach notification, and when appropriate, the content of both the web site page and the press release will be reviewed and approved by the Chief Technology Officer.

Method of Notification

  • A letter shall be printed with official Company letterhead, addressed to the last recorded contact email addresses from the Master Service Agreement or License Subscription Agreement.
  • After a six-month period, the general counsel and the Chief Technology Officer will determine whether to continue website posting.

Breach Notification Inquiry Response

  • Subsequent to a security breach notification, the Company can expect several inquiries from notified users and security vendors. The Chief Technology Officer will provide a written Inquiry Response Guide to be used by the division executive, or designee(s), to respond to any phone calls, emails, letters, or walk-in traffic with inquiries regarding the breach. If the questions are outside the scope of the information provided within the Inquiry Response Guide, the division executive or designee may refer the inquiry to the Chief Technology Officer for further assistance.