Skip to content

Latest commit

 

History

History
70 lines (50 loc) · 4.56 KB

Incident_Response_Policy.md

File metadata and controls

70 lines (50 loc) · 4.56 KB
Raw

INCIDENT RESPONSE POLICY

Classification Level

Publicly available

Review Information

Mandatory Review Period

Yearly

Date of Last Review

Februrary 23, 2024

Introduction

An incident response policy clearly defines the roles, responsibilities, and expectations around investigations and actions associated with a cybersecurity incident, such as a data breach or other attack.

Goal Statement

As regards cybersecurity incidents, our focus is on restoring functionality while doing whatever is practical to maintain any available information about the attack. However, given the generally very low risk nature of our solution, we will typically prioritize restoring functionality and maintaining client commitments first.

Background Statement

We, at Fonticons Inc., know our culture but it is entirely reasonable for others planning to use our technology to desire to understand how we deal with issues, especially those that might result in a loss of or degradation of service.

Definitions

Terms

  • The word "we" shall mean Fonticons Inc., all Fonticons employees, and any individuals contracting with Fonticons to complete work.
  • The word Fonticons will be synonymous with Fonticons, Inc. for the purposes of this policy.
  • Employee shall mean an individual directly employed by Fonticons and all contractors, consultants, temporary employees, or business partners.
  • Fonticons products/services refers to any and all paid or free products and/or services offered by Fonticons.
    • Product shall mean, specifically, the icons, their digital representation, and associated icon functionality present in code.
    • Service shall mean, specifically, the technologies that make the Fonticons product available to clients, users, and site users.
  • Client shall mean a person or entity who installs or configures part or all of Fonticons product/service for use on a website or product not owned or otherwise controlled by Fonticons.
  • Incident shall mean any event, whether electronic, physical, or social that adversely impacts the confidentiality, integrity, or availability of Fonticons systems or data.
  • Fonticons system shall mean any computers, communication systems, platforms, and any other information technology systems used by Fonticons to provide the Font Awesome product and service.
  • Fonticons data shall mean data in any format collected, developed, maintained or managed by or on behalf of Fonticons Inc.

Policy

  1. All critical systems must have some level of automated monitoring and alerting.
  2. At least one employee must always be "on call" to respond to alerts 24 hours a day 7 days a week.
  3. The on call person must either have access to their computer or a device that is configured to recieve alerts from our automated systems.
  4. All employees are responsible for monitoring potential incidents generally.
  5. The support lead or an assigned delegate monitors help desk tickets for potential incidents between 9 AM and 5 PM Eastern Time, Monday through Friday.
  6. Any employee who detects an incident or potential incident must immediately report it to our internal reporting tool.
  7. Incidents must be investigated immediately.
    1. If the incident causes an outage or serious degredation of service, it must be addressed immediately.
    2. If it is unclear if an incident causes serious degredation of service, validate with head of ops, head of development, or the CTO.
    3. Incidents not causing an outage or serious degregation of service may be addressed during normal business hours.
  8. Any employee can begin addressing an incident after reporting.
  9. During an active incident, all employees should consider the incident their top priority and should coordinate with the team to determine what actions they are expected to take to remedy the issue.
  10. Upon detection of an incident impacting clients a discussion will occur internally and an appropriate employee will make an initial, official statement via Twitter.
  11. System outages must be updated on our status indicator page once we have definitively determined a degregation or service outage.
  12. Other department heads or employees will update official communication as necessary.
  13. If an incident results in the loss of client data, we will also communicate that information directly to clients via their existing contact information.

Procedures

  1. An employee that detects any violation of this policy must report the issue to their supervisor, the head of development, the head of security, or the CTO.
  2. Intentionally or maliciously violating this policy is a serious offense and is grouds for termination of employment.