BANK_OF_SOLIDUS_GREEN_A_LOGO

Information Security Policy

Introduction

Bank of Solidus is committed to protecting the confidentiality, integrity, and availability of our customers' information. This Information Security Policy outlines our approach to safeguarding information and ensuring the secure operation of our services.

Definitions

  • Bank: Refers to Bank of Solidus.
  • User/Customer: Refers to anyone using the services provided by Bank of Solidus.
  • Services: Includes all banking services offered by Bank of Solidus, including but not limited to online banking, mobile banking, savings accounts, checking accounts, family saving accounts, high fixed income accounts, current accounts, and kids accounts.
  • Information Security: Measures taken to protect information from unauthorized access, use, disclosure, disruption, modification, or destruction.

Security Framework

Bank of Solidus follows a comprehensive security framework to protect customer information and ensure the secure operation of our services. This framework is aligned with international standards and best practices.

Access Control

  • User Access Management: Ensuring that only authorized individuals have access to systems and data, including user authentication, role-based access controls, and regular access reviews.
  • Multi-Factor Authentication (MFA): Implementing MFA for accessing sensitive information and systems to provide an additional layer of security.

Data Protection

  • Encryption: Using strong encryption methods to protect data at rest and in transit, including end-to-end encryption for sensitive information.
  • Data Masking: Masking sensitive information where possible to minimize exposure.
  • Data Retention: Retaining data only for as long as necessary to fulfill the purpose for which it was collected, in compliance with legal and regulatory requirements.

Network Security

  • Firewall and Intrusion Detection Systems: Implementing firewalls and intrusion detection systems to monitor and protect our network from unauthorized access and threats.
  • Secure Network Architecture: Designing our network with segmentation and redundancy to ensure robustness and security.

Incident Response

  • Incident Management: Establishing an incident management process to detect, respond to, and recover from security incidents promptly.
  • Reporting Mechanism: Providing mechanisms for employees and customers to report security incidents or suspicious activities.

Employee Training

  • Regular Training: Conducting regular training sessions for employees on information security policies, procedures, and best practices.
  • Security Awareness Programs: Implementing security awareness programs to educate employees about current threats and the importance of information security.

Vendor Management

  • Vendor Risk Assessment: Assessing the security practices of third-party vendors to ensure they meet our security standards.
  • Contracts and Agreements: Including security requirements in contracts and agreements with third-party vendors.

Continuous Improvement

  • Security Audits and Assessments: Conducting regular security audits and assessments to identify and address vulnerabilities.
  • Patch Management: Ensuring that all systems and software are up-to-date with the latest security patches and updates.

Compliance

Bank of Solidus complies with relevant legal, regulatory, and contractual requirements related to information security. We regularly review and update our policies and procedures to ensure ongoing compliance.

Contact Us

If you have any questions about this Information Security Policy, please contact us at:
Bank of Solidus
Customer Support
Email: support@bankofsolidus.com