INFORMATION SECURITY POLICY
As Limon Information Technologies Incorporated Company, we are aware that we are responsible for protecting the data; obtained, used or emerged during the design, implementation and support of private cloud, managed public cloud and private hosting services, and the systems of information processing, operation and development process that are hosted by our customers or managed in cloud computing structures and we are taking all necessary precautions in this regard within the principles of national or international laws and regulations in force and accepted information security standards. Within this understanding, by taking legal and administrative measures and implementing the necessarry information security management systems within the institution;
• Continuous improvement and awareness of information security
• The participation of all our employees and business partners,
• With the aim of protecting all physical and electronic data processed and obtained
We are committed to continuing.
Based on the principles of Confidentiality, Integrity and Accessibility of data security, personal data with the KVKK (Personal Data Protection Law) and on the basis of sensitive data classifications;
• Necessary authorization and task definitions will be defined within the scope of information security
• Information Systems Management Strategy will be established
• Compliance with Information Security and relevant legal regulations will be ensured.
• Threats, vulnerabilities, and risks against these assets will be identified and managed through the Created Asset and Data Inventories
• Continuous review and improvement of the Information Security Management System and KVKK compliance will be ensured
• To increase awareness of Information Security, trainings will be given to ensure technical and behavioral integrity.
• Sub-policies that support our basic information security policy will be determined.
• PDCA (Plan-Do-Check-Act) cycle will be implemented.
• All responsible units will act with information security awareness. Information security plans will be created and implemented for the areas of responsibility.
• Compliance with IT security frameworks from our partners and customers will also be ensured.
Within the scope of personal data security;
• Personal data inventory will be prepared.
• Sensitive personal data will be determined.
• Special data will be reduced as much as possible.
• Accommodation will be provided in secure structures, suitable for data and process security.
All these commitments
• Constantly updated
• Focused on cybersecurity
It will be provided by our policy of employing expert technical personnel supported by information technology strategy and up-to-date trainings.