Documentation
1. Policies and Procedures
1.2. Data Storage and Management

1.2. Data Storage and Management

1. Introduction

Lean Transition Solutions (LTS) is committed to protecting the confidentiality, integrity, and availability of all data it collects, processes, and stores. This policy outlines the key responsibilities and practices for data storage and management for all LTS employees.

2. Your Role in Data Security

Every employee plays a crucial role in protecting LTS data. This policy outlines the general practices you should follow to help ensure the security and integrity of all company information.

3. Key Principles

  • Only Collect What You Need: We only collect and store data that is necessary for our legitimate business operations.
  • Use Data Responsibly: We use data ethically and in accordance with applicable laws and regulations.
  • Protect Data from Harm: We take steps to protect data from unauthorized access, use, disclosure, alteration, or destruction.
  • Keep Data Safe for as Long as Needed: We retain data only for as long as necessary for the purposes for which it was collected.
  • Be Transparent: We are transparent about our data collection, use, and storage practices.

4. Data Storage & Handling

4.1. Company-Approved Systems:

  • Use only company-approved systems for storing and accessing company data, such as company-issued computers, laptops, and designated cloud storage services.
  • Do not store company data on personal devices, including personal computers, mobile phones, or external drives, unless specifically approved by your manager and IT.

4.2. Secure File Sharing:

  • Use company-approved file sharing services (e.g., Microsoft OneDrive, SharePoint) for sharing company data internally and externally.
  • Always ensure you are sharing with the appropriate people and setting the right permissions to protect the information.

4.3. Passwords & Access:

  • Use strong and unique passwords for all company systems and accounts.
  • Do not share your passwords with anyone.
  • Never leave your computer or mobile device unattended while logged into company systems.

5. Data Security Best Practices

  • Be Vigilant of Phishing Attacks: Be cautious of suspicious emails or websites that may attempt to steal your login information or sensitive data. Report any suspicious emails to the IT department.
  • Be Cautious with Public Wi-Fi: Avoid accessing sensitive company data on public Wi-Fi networks.
  • Protect Your Device: Use strong passwords and keep your devices updated with the latest security patches.
  • Keep Information Confidential: Treat all company information as confidential. Do not share it with anyone who does not have a need to know.
  • Report Security Incidents: Report any security incidents, such as suspicious activity, data breaches, or unauthorized access attempts, to the IT department immediately.

6. Data Disposal

  • When you no longer need company data, ensure you dispose of it securely. This may include deleting electronic files, shredding physical documents, or using other approved methods.
1.1. Message and Communication Security2. Security Basics