Aeris Security in Brief | Information Security Policy | Aeris Security Standards | Security Standards for Customer Data | Watchtower Brief
Aeris Security in Brief
Aeris’s security posture is anchored in the ISO/IEC 27001:2022 framework, as well as NIST and CIS controls. Our approach centers on comprehensive risk management, robust access controls, network segregation, secure configuration, encryption, security by design, vulnerability, continuous compliance management and business continuity.
Our Security and Privacy Policies establish a strong foundation for managing information security across our organization.
The main pillars for our security are structured around process, tools and people enhanced by the following policies:
- Asset Management Policy
- Access Control Policy
- Back-up Policy
- Business Continuity Policy
- Change Management Policy
- Cryptographic Control and Encryption Policy
- Data Protection Policy
- Digital Identity & Password Standards Policy
- Information Handling Policy
- Information Transfer Policy
- Network Security Management Policy
- Risk Management Policy
- Secure Development Policy
- Supplier Selection and Management Policy
- User Training and Awareness Policy