- Amilon implements an Information Security Policy appropriate to its field of service, with particular attention to the processing of personal data.
- Amilon updates its Security Policy at least annually and informs its employees, collaborators and third parties involved in data processing.
Roles and responsibilities
- Amilon defines, documents and informs others about the roles and responsibilities of personnel involved in the management of data protection processes.
- The roles and areas of responsibility assigned to the main players involved in data protection management (e.g. security officer, security auditor, DPO) are defined in compliance with the segregation of duties principle, i.e. they are kept as distinct and independent as possible.
- Amilon establishes, documents and implements an access policy with precise rules for access control, with specific rights and restrictions depending on the role played by the user in the processing of personal data.
- Based on verified eligibility criteria, Amilon identifies the roles that are granted administrator powers and limits their assignment to a minimum number of users.
- Amilon implements a system of access controls on all users of information systems that provides for the creation, approval, monitoring and deletion of accounts.
- The use of generic or shared accounts is not allowed, so accounts are individual and unique.
- The authentication mechanism implemented grants access to systems through a user ID and password or through biometric authentication (fingerprints). Passwords must meet complexity requirements (minimum length, digits, letters, special characters) and are valid for a maximum of 90 days; after 90 days the user is forced to change them.
- The password policy is formally documented and distributed to the staff.
- User passwords are stored in hashed form, i.e. transformed with a one-way algorithm that cannot be reversed to recover the original password.
- Amilon draws up an inventory of IT assets (hardware, software, network) used for the processing of personal data and keeps it updated; the inventory contains the following information: asset, type, location, asset manager, asset assignee.
- Amilon identifies the personnel who may or may not have access to each information asset, especially where the asset is involved in the processing of special categories of personal data.
- Amilon records and monitors all changes made to its IT assets through authorised personnel.
- The development tasks are carried out in a protected environment separate from the IT systems used for the processing of personal data.
- The test environment, separate from the development and production environments, does not contain real personal data; where such data are present, they are protected by security measures equivalent to those of the production environment.
- Amilon establishes and documents a Change Management Policy that defines the roles and responsibilities of the functions involved and the control process.
- Amilon implements an Incident Management plan.
- Amilon implements a procedure for Data Breach Management and Notification to the Data Protection Supervisor.
- Amilon has a record of high impact incidents (including data breaches) in which it indicates the mitigation actions taken.
Business continuity and disaster recovery
- Amilon establishes, documents and implements a Business Continuity plan that defines the guaranteed service level and identifies the roles and responsibilities involved in the process.
- Amilon establishes, documents and implements a Disaster Recovery Plan.
- The basic principles and data protection rules are disseminated to all staff.
- Specific training and refresher programmes are provided for GDPR, depending on the role played by the staff in the processing of personal data.
Logging and monitoring
- Access logs to all information systems are tracked and stored securely.
- Actions taken by System Administrators, including adding, changing or deleting user privileges, are tracked.
- Access to the logs and any changes are in turn tracked by logs.
- A process of periodic monitoring of the logs is implemented.
Database and server security
- Databases and application servers are configured according to the principle of data minimisation: the systems hold no more data than is strictly necessary.
- Separate accounts are used to operate at database and application server level, while at operating system level only the minimum privileges required are granted.
- Assigned users of the workstation cannot disable or bypass security settings.
- Anti-virus software with signature-based detection is installed and configured on all computers.
- Computers are set to automatically lock the session after a defined period of user inactivity (5 minutes).
- A user account is locked for 10 minutes after 5 incorrect password entries.
- Relevant updates released by the operating system developer are installed regularly.
- The transfer of personal data from the workstation to external storage media (e.g. USB drives, external hard disks, CD/DVD) is discouraged through defined rules of conduct.
Network and communication security
- Transmissions of information via the Internet are protected through the use of encrypted communication protocols; in particular, Amilon adopts the HTTPS and FTPS protocols.
- Access to IT systems via wireless network is allowed only to users and systems authorised by the Systems Department.
- Where necessary, remote access is carried out only from pre-authorised devices through a Virtual Private Network (VPN).
- Inbound and outbound traffic of IT systems is monitored and controlled through firewalls and Intrusion Detection Systems.
Backup and restore
- Backups are stored securely, according to rules and procedures established according to the type of data and the service that uses the data.
- The execution of backups is monitored and periodic restore tests are conducted to assess their consistency and completeness.
- Full and incremental backups of gift card movement data are performed on a daily basis.
- The use of mobile and portable devices is regulated by drafted and published rules of conduct.
Application lifecycle security
- During the early stages of software development, specific security requirements are defined.
- The life cycle of applications is guided by the use and consultation of best practices and secure coding standards (https://safecode.org/).
- Vulnerability assessment and penetration tests are conducted periodically.
- Patches are tested and authorised in the test environment before being installed in the production environment.
Data deletion and disposal
- All devices are securely overwritten before disposal.
- Amilon discourages the use of paper media for documents containing personal and/or classified data; however, where necessary, these documents are stored securely in locked cabinets and/or drawers, or destroyed securely.
- Computer devices whose data cannot be securely erased shall be physically destroyed in such a way as to render the data unrecoverable.
- Information systems are protected through the use of physical barriers against unauthorised access.
- Entries to rooms containing information systems are recorded and monitored.
- Maintenance personnel and visitors are registered and accompanied by an authorised internal contact person for the whole time of their visit.
- Amilon has a physical security plan and, through an appropriate awareness programme, reminds its employees and collaborators of the expected behaviour.
- Access to the offices by staff is allowed through the use of magnetic badges.