Security Policy
SESAME LABS is a company established in 2022, dedicated to “Information Security Systems that support the design, development, and maintenance of Sesame HR, following the current statement of applicability”. Our primary objectives are quality and customer satisfaction, based on the values of efficiency, reliability, professionalism, and the execution of high-quality work with guarantees of security for the information and documentation we handle and the data.
This requires that SESAME LABS management and its staff apply the established security measures and implement mechanisms for controlling and monitoring these measures.
To achieve this we have implemented a set of measures, controls, procedures, and actions aimed at protecting all assets, including information and the processes that support it, as well as systems and networks. The principles of the Security Policy must become part of the organisational culture. To this end, a clear commitment from the heads of each area must be ensured for the dissemination, consolidation, and compliance with this Policy.
To ensure information security, the management of SESAME LABS has developed and implemented a Management System based on the following pillars and objectives:
- Identifying and fulfilling the needs of our clients.
- Complying with legislation and regulations, applying legal compliance to the activities that the company carries out and to the requirements demanded by our clients, even beyond the legal minimums that are economically and technologically feasible.
- Establishing a system of continuous improvement to optimise and elevate the quality of our service.
- The Quality Management System is not the responsibility of one person, it is the result of the collective work of all the members of the company, who are provided with constant and appropriate training.
- Protecting the Company’s information resources and the technology used for processing against internal or external, deliberate or accidental threats.
- Establishing methods for notifying, managing, and recording incidents related to the Information Security Management System, and continuously reviewing these controls to ensure compliance with security requirements, thereby contributing to continuous improvement.
- Defining a strict policy for copying and storing relevant information of the company.
- Ensuring appropriate access management to our systems by implementing an identification and authentication system. This not only restricts access to third parties but also facilitates the work of our employees in a completely secure environment.
- Defining operating standards that ensure a proper balance between user needs, security requirements, and compliance with current laws.
Furthermore, aware of the importance of offering services with the highest quality and security, our organisation rigorously complies with all applicable legal requirements, as well as any other requirement, legal or otherwise, that may be applicable.
Everyone at SESAME LABS is required to comply with the guidelines, rules, and procedures. Consequently, they must cooperate with this organisation to ensure that all these rules are not altered or violated.
All those providing services at SESAME LABS must be aware of and accept their obligations regarding the correct use of IT resources. Any violation of these obligations by staff may result in disciplinary liability, and in the company taking legal action to enforce them.
Consequently, Management extends this commitment to all employees, as well as those acting on behalf of SESAME LABS, to comply with the guidelines of this policy. These guidelines will be periodically reviewed to ensure they are always appropriate to the organisation’s activities.
MANAGEMENT
Valencia, September 5, 2022.