ORCA

IT and Data Security Policies

1. Acceptable Use Policy

All individuals are expected to use IT resources responsibly. When working on ORCA projects be thoughtful about the computers, software and connected applications you may be using. Be careful of:

Everyone is responsible for protecting their login credentials and reporting any suspected security breaches immediately.

2. Data Protection and Privacy

We may at time handle sensitive and private information and data, and we must adhere to applicable data protection laws and regulations. This includes:

If there is a suspected data breaches or incidents promptly report the time, data impacted, actions taken and if the attack is still going on to the VERSO Director.

Protection of Confidential Information

Definition: Confidential information includes any data, documents, or discussions that are not intended for public disclosure. This may include research findings, proprietary algorithms, sensitive personal information, or any other information deemed confidential by the program.

Data Security Measures

Data Privacy Compliance

3. Password Management

Passwords must meet minimum complexity requirements, including a mix of uppercase and lowercase letters, numbers, and special characters. Passwords should not be shared or stored in unsecured locations, we recommend using a password manager (bitwardent is an open source free option).

Multi-factor authentication (MFA) should be used for accessing sensitive systems and data, including GitHub authentication.