Security Policy

Effective: 15th April, 2024.

Introduction

At iMake, the security of your data is taken very seriously. This Security Policy outlines the measures we take to protect the confidentiality, integrity, and availability of your product data stored within iMake.

Data Security

Access Control: We implement Role-Based Access Control (RBAC) through the ‘access control’ feature within iMake.
Data Encryption: Data is encrypted at rest and in transit using industry-standard encryption protocols to prevent unauthorized access in case of breaches.
Data Backup and Recovery: We maintain regular backups of your data and have a documented disaster recovery plan for quick restoration in case of system failures.
Activity Monitoring: iMake employs a level of user activity monitoring to ensure data security and maintain system integrity. This monitoring focuses on tracking user actions within the system, such as login attempts, edits and deletions, and system actions such as creating or deleting user accounts, modifying access controls, and system configuration changes. Activity monitoring does not involve capturing personal information like keystrokes or screen content.

User Management

User Provisioning and Deprovisioning: We have strict procedures for granting and revoking user access to iMake. User access is reviewed and updated periodically to ensure only authorized personnel have access.
Password Management: Strong password policies are enforced, and users need to register with their email, name, company name.

Compliance

As mandated by the IT Act, we implement reasonable security practices and procedures to protect your data from unauthorized access, use, disclosure, disruption, modification, or destruction.

Additional Security Measures

Security Awareness Training: We offer regular security awareness training to our employees on cybersecurity best practices to identify and prevent phishing attempts and other social engineering attacks.
Incident Response: A documented incident response plan is in place to effectively respond to security breaches and minimize damage. We will promptly notify you in case of any security incidents impacting your data.
Penetration Testing: We conduct periodic penetration testing of our systems to identify and address potential security weaknesses.

Your Responsibility

We also expect you to be responsible for protecting your data. Please be mindful of the following:

Do not share your login credentials with anyone;
Report any suspicious activity to iMake immediately;
Choose strong passwords and change them regularly.

Changes to this Security Policy

We may update this Security Policy from time to time. We will notify you of any significant changes by posting the new Security Policy on our website.

Contact Us

If you have any questions about this Security Policy, please contact us at hi@i-make.co.in