Information security policy for external users

Scope and purpose

This Information Security Policy sets out the minimum requirements and rules of behaviour that apply to external users when working with the SCS IT infrastructure and non-public information. It serves to ensure the integrity, availability and confidentiality of information systems and data. The policy has been drawn up in accordance with the international standard ISO/IEC 27001 for information security management systems (ISMS).

Handling login information (passwords, second factors, keys)

Security of login information

Confidentiality

Regular change

Lock / Log out

Automatic lock

Manual lock

Cancellation

Malware protection

Protective measures

Handling information and data