Information Security Policy
Purpose
The purpose of this policy is to define web application security assessments within Stratus Add-ons web application.
Scope
The policy covers all data handled by the application and employees of Stratus Add-ons.
Process
Ensure all information is encrypted in compliance with Atlassian’s security requirements for cloud apps.
Frequently search for potential security vulnerabilities in the code and ensure proper security standards and best practices have been met.
Avoid storing any information, which includes but is not limited to usernames, identifiers, passwords, emails, diagram markup etc.
Ensure all Stratus Add-ons employees have been properly trained to enforce this policy.
Review
This policy is reviewed annually and is kept up to date with requirements stated by Atlassian.