Security Policy

Last updated: April 9, 2024

1. Introduction

This Security Policy outlines the measures Millbran takes to protect our systems, data, and client information. We are committed to maintaining the highest standards of security and privacy.

2. Data Protection

2.1 Data Classification

All data is classified according to sensitivity and handled accordingly:

  • Public: Information that can be freely shared
  • Internal: Information for use within Millbran only
  • Confidential: Sensitive information requiring special handling
  • Restricted: Highly sensitive information with strict access controls

2.2 Data Storage and Transmission

  • All sensitive data is encrypted both at rest and in transit
  • We use industry-standard encryption protocols (TLS 1.3, AES-256)
  • Regular backups are performed and stored securely

3. Access Control

3.1 Authentication

  • Multi-factor authentication is required for all system access
  • Strong password policies are enforced
  • Regular password rotation is required

3.2 Authorization

  • Access is granted on a need-to-know basis
  • Regular access reviews are conducted
  • Principle of least privilege is applied to all systems

4. Network Security

4.1 Perimeter Security

  • Enterprise-grade firewalls protect our network
  • Intrusion detection and prevention systems are in place
  • Regular vulnerability scanning and penetration testing

4.2 Monitoring

  • 24/7 monitoring of all systems and networks
  • Automated alerts for suspicious activities
  • Regular security log reviews

5. Software Development

5.1 Secure Development Practices

  • Security is integrated into our development lifecycle
  • Regular code reviews with security focus
  • Static and dynamic application security testing

5.2 Third-Party Components

  • All third-party libraries and components are vetted
  • Regular updates to address security vulnerabilities
  • Dependency scanning for known vulnerabilities

6. Incident Response

6.1 Incident Management

  • Documented incident response procedures
  • Trained incident response team
  • Regular drills and simulations

6.2 Breach Notification

  • Timely notification of affected parties
  • Compliance with relevant regulations
  • Transparent communication about incidents

7. Physical Security

7.1 Facility Security

  • Secure access to all Millbran facilities
  • Video surveillance and monitoring
  • Visitor management procedures

7.2 Equipment Security

  • Asset management and tracking
  • Secure disposal of equipment
  • Encryption of all mobile devices

9. Compliance

9.1 Regulatory Compliance

  • Compliance with relevant industry regulations
  • Regular compliance audits
  • Documentation of compliance activities

9.2 Standards Adherence

  • ISO 27001 framework alignment
  • NIST Cybersecurity Framework
  • Industry best practices

10. Contact

For questions or concerns regarding this Security Policy, please contact:

Email: security@millbran.com

Phone: +44 01202 0220 63

Millbran
124 City Road
London, EC1V 2NX
United Kingdom