Updated March 2018
A primary focus of our company is the protection of user data. All employees and contractors must abide by the following security policies as well as sign and agree to the Intellectual Property, Confidentiality, Non-Disclosures and Non-Compete Agreements. All StrategicCapitalist.com applications and services are required to follow our company goals of:
Report any issues or concerns to daily@StrategicCapitalist.com.
User data must be secured against disclosure, modification, and access by unauthorized individuals. It must be:
Restrict physical and login access to authorized users only
Actual or suspected security breaches involving user data must be reported immediately to StrategicCapitalist.com by sending email to dail@StrategicCapitalist.com.
Web applications are subject to security assessments based on the following criteria:
All security issues that are discovered during assessments must be mitigated based upon the following risk levels. Remediation validation testing will be required to validate fix and/or mitigation strategies for any discovered issues of Medium risk level or greater.
An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
Web application assessments are a requirement of the change control process and are required to adhere to this policy unless found to be exempt. All application releases must pass through the change control process. Any web applications that do not adhere to this policy may be taken offline until such time that a formal assessment can be performed at the discretion of the CEO, CIO and if applicable Data Protection Officer (DPO).
Internal User Access
Physical Access and Protection: All data is housed in a data center that meets the following minimum requirements:
SOC 1, SOC 2, HIPAA, and PCI-DSS compliant
Any individual who suspects that a theft, breach or exposure of StrategicCapitalist.com data or systems has occurred should immediately contact daily@StrategicCapitalist.com. The management team will immediately review and investigate the incident. As soon as details and the scope of any breach is determined, StrategicCapitalist.com will: terminate any individuals associated with the incident, implement additional blocking and protection to prevent additional breaches, secure data, and notify any effected clients of the scope and details of the breach if it is applicable and appropriate to do so.