Security policy
The fundamental objective of Enigm's Information Security Management System is to protect the information of the application's users, as well as that of our organization, through the implementation of appropriate security controls and operational processes.
The principles of our information security policy are:
- Confidentiality: The information must be known exclusively by authorized people.
- Integrity: The information will at all times be complete, accurate, valid and without manipulation.
- Availability: both the information of our organization and that of the application will be accessible by authorized users at all times, and its persistence will be guaranteed when necessary in the event of any eventuality.
At Enigm we are aware that our messaging application requires adequate protection and management to ensure the continuity of our services and prevent information leakage.
Therefore, we acquire the following commitments:
- Guarantee the operation of our application in accordance with the applicable rules and regulations, complying with the legislation and regulations in force, as well as other requirements signed with our clients, including those relating to information security and data protection.
- Comply with security requirements and objectives, as well as continually improve the effectiveness of the Information Security Management System, through the implementation of application measurement and monitoring systems.
- Express Enigm's permanent will in information security management through training and awareness programs that promote participatory management, ensuring that staff skills are used to continually improve the production process and security.
- Conduct and periodically review a risk analysis based on recognized methods that allows us to establish the level of information security and minimize risks through the development of specific policies, technical solutions and contractual agreements with specialized organizations.
- Select employees and suppliers based on information security criteria.
- Record and analyze any incident or vulnerability that may compromise or has compromised the confidentiality, integrity and/or availability of the information, to apply the corresponding corrective and/or preventive measures. Likewise, they will be communicated to interested parties within the established deadlines.
Last updated on March 11, 2024.