Information Security Policy
Ovaloop is committed to protecting the confidentiality, integrity, and availability of information entrusted to us.
1. Purpose
Ovaloop is committed to protecting the confidentiality, integrity, and availability of information entrusted to us.
2. Security Objectives
Ovaloop seeks to:
•Protect customer information
•Prevent unauthorized access
•Detect and respond to threats
•Maintain service availability
•Ensure compliance obligations
3. Access Control
Access to systems shall be granted on a least-privilege basis.
Access rights shall be reviewed periodically.
Accounts must be disabled promptly when access is no longer required.
4. Authentication
Users must use strong passwords.
Multi-factor authentication may be required for administrative systems.
5. Data Protection
Customer data shall be protected using appropriate safeguards.
Sensitive information shall be restricted to authorized personnel.
6. Network Security
Ovaloop employs reasonable security controls including:
•Firewalls
•Monitoring systems
•Access restrictions
•Logging mechanisms
7. Incident Management
Security incidents shall be:
•Identified
•Reported
•Investigated
•Remediated
where appropriate.
8. Employee Responsibilities
Personnel must:
•Protect confidential information
•Follow security procedures
•Report suspected incidents promptly
9. Vendor Management
Third-party providers must meet appropriate security standards.
10. Business Continuity
Ovaloop maintains backup and recovery procedures designed to support operational continuity.
11. Policy Review
This policy shall be reviewed periodically and updated as necessary.