{"id":3710,"date":"2024-12-09T09:33:46","date_gmt":"2024-12-09T12:33:46","guid":{"rendered":"https:\/\/www.positivosmais.com\/information-security-policy\/"},"modified":"2025-02-26T17:07:17","modified_gmt":"2025-02-26T20:07:17","slug":"information-security-policy","status":"publish","type":"page","link":"https:\/\/www.positivosmais.com\/en\/information-security-policy\/","title":{"rendered":"Information Security Policy"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"3710\" class=\"elementor elementor-3710 elementor-965\" data-elementor-post-type=\"page\">\n\t\t\t\t<div class=\"elementor-element elementor-element-05ab3bf e-flex e-con-boxed e-con e-parent\" data-id=\"05ab3bf\" data-element_type=\"container\" data-e-type=\"container\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[]}\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-f2cb99b elementor-widget elementor-widget-heading\" data-id=\"f2cb99b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">Information Security Policy<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-8423ed6 e-flex e-con-boxed e-con e-parent\" data-id=\"8423ed6\" data-element_type=\"container\" data-e-type=\"container\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[]}\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-7c1fd61 elementor-nav-menu--stretch elementor-nav-menu--dropdown-tablet elementor-nav-menu__text-align-aside elementor-nav-menu--toggle elementor-nav-menu--burger elementor-widget elementor-widget-nav-menu\" data-id=\"7c1fd61\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;full_width&quot;:&quot;stretch&quot;,&quot;layout&quot;:&quot;horizontal&quot;,&quot;submenu_icon&quot;:{&quot;value&quot;:&quot;&lt;svg class=\\&quot;e-font-icon-svg e-fas-caret-down\\&quot; viewBox=\\&quot;0 0 320 512\\&quot; xmlns=\\&quot;http:\\\/\\\/www.w3.org\\\/2000\\\/svg\\&quot;&gt;&lt;path d=\\&quot;M31.3 192h257.3c17.8 0 26.7 21.5 14.1 34.1L174.1 354.8c-7.8 7.8-20.5 7.8-28.3 0L17.2 226.1C4.6 213.5 13.5 192 31.3 192z\\&quot;&gt;&lt;\\\/path&gt;&lt;\\\/svg&gt;&quot;,&quot;library&quot;:&quot;fa-solid&quot;},&quot;toggle&quot;:&quot;burger&quot;}\" data-widget_type=\"nav-menu.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<nav aria-label=\"Menu\" class=\"elementor-nav-menu--main elementor-nav-menu__container elementor-nav-menu--layout-horizontal e--pointer-underline e--animation-fade\">\n\t\t\t\t<ul id=\"menu-1-7c1fd61\" class=\"elementor-nav-menu\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-994\"><a href=\"https:\/\/www.positivosmais.com\/politica-de-privacidade\/\" class=\"elementor-item\">Privacy Policy<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-993\"><a href=\"https:\/\/www.positivosmais.com\/politica-de-cookies\/\" class=\"elementor-item\">Cookie Policy<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-992\"><a href=\"https:\/\/www.positivosmais.com\/politica-de-seguranca-da-informacao\/\" class=\"elementor-item\">Information Security Policy<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-991\"><a href=\"https:\/\/www.positivosmais.com\/termos-de-uso\/\" class=\"elementor-item\">Terms of Use<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-990\"><a href=\"https:\/\/www.positivosmais.com\/lei-geral-de-protecao-de-dados\/\" class=\"elementor-item\">General Data Protection Law (LGPD)<\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t<div class=\"elementor-menu-toggle\" role=\"button\" tabindex=\"0\" aria-label=\"Menu Toggle\" aria-expanded=\"false\">\n\t\t\t<svg aria-hidden=\"true\" role=\"presentation\" class=\"elementor-menu-toggle__icon--open e-font-icon-svg e-eicon-menu-bar\" viewBox=\"0 0 1000 1000\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M104 333H896C929 333 958 304 958 271S929 208 896 208H104C71 208 42 237 42 271S71 333 104 333ZM104 583H896C929 583 958 554 958 521S929 458 896 458H104C71 458 42 487 42 521S71 583 104 583ZM104 833H896C929 833 958 804 958 771S929 708 896 708H104C71 708 42 737 42 771S71 833 104 833Z\"><\/path><\/svg><svg aria-hidden=\"true\" role=\"presentation\" class=\"elementor-menu-toggle__icon--close e-font-icon-svg e-eicon-close\" viewBox=\"0 0 1000 1000\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M742 167L500 408 258 167C246 154 233 150 217 150 196 150 179 158 167 167 154 179 150 196 150 212 150 229 154 242 171 254L408 500 167 742C138 771 138 800 167 829 196 858 225 858 254 829L496 587 738 829C750 842 767 846 783 846 800 846 817 842 829 829 842 817 846 804 846 783 846 767 842 750 829 737L588 500 833 258C863 229 863 200 833 171 804 137 775 137 742 167Z\"><\/path><\/svg>\t\t<\/div>\n\t\t\t\t\t<nav class=\"elementor-nav-menu--dropdown elementor-nav-menu__container\" aria-hidden=\"true\">\n\t\t\t\t<ul id=\"menu-2-7c1fd61\" class=\"elementor-nav-menu\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-994\"><a href=\"https:\/\/www.positivosmais.com\/politica-de-privacidade\/\" class=\"elementor-item\" tabindex=\"-1\">Privacy Policy<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-993\"><a href=\"https:\/\/www.positivosmais.com\/politica-de-cookies\/\" class=\"elementor-item\" tabindex=\"-1\">Cookie Policy<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-992\"><a href=\"https:\/\/www.positivosmais.com\/politica-de-seguranca-da-informacao\/\" class=\"elementor-item\" tabindex=\"-1\">Information Security Policy<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-991\"><a href=\"https:\/\/www.positivosmais.com\/termos-de-uso\/\" class=\"elementor-item\" tabindex=\"-1\">Terms of Use<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-990\"><a href=\"https:\/\/www.positivosmais.com\/lei-geral-de-protecao-de-dados\/\" class=\"elementor-item\" tabindex=\"-1\">General Data Protection Law (LGPD)<\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-21a3ff8 e-flex e-con-boxed e-con e-parent\" data-id=\"21a3ff8\" data-element_type=\"container\" data-e-type=\"container\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[]}\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-574eaec e-con-full e-flex e-con e-child\" data-id=\"574eaec\" data-element_type=\"container\" data-e-type=\"container\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[],&quot;sticky&quot;:&quot;top&quot;,&quot;sticky_on&quot;:[&quot;desktop&quot;],&quot;sticky_offset&quot;:100,&quot;sticky_parent&quot;:&quot;yes&quot;,&quot;sticky_effects_offset&quot;:0,&quot;sticky_anchor_link_offset&quot;:0}\">\n\t\t\t\t<div class=\"elementor-element elementor-element-e658eb2 elementor-widget elementor-widget-table-of-contents\" data-id=\"e658eb2\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;exclude_headings_by_selector&quot;:[],&quot;marker_view&quot;:&quot;bullets&quot;,&quot;icon&quot;:{&quot;value&quot;:&quot;&quot;,&quot;library&quot;:&quot;&quot;},&quot;no_headings_message&quot;:&quot;N\\u00e3o foram encontrados cabe\\u00e7alhos nesta p\\u00e1gina.&quot;,&quot;headings_by_tags&quot;:[&quot;h2&quot;,&quot;h3&quot;,&quot;h4&quot;,&quot;h5&quot;,&quot;h6&quot;],&quot;hierarchical_view&quot;:&quot;yes&quot;,&quot;min_height&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_tablet&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_mobile&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]}}\" data-widget_type=\"table-of-contents.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-toc__header\">\n\t\t\t<h4 class=\"elementor-toc__header-title\">\n\t\t\t\t\t\t\t<\/h4>\n\t\t\t\t\t<\/div>\n\t\t<div id=\"elementor-toc__e658eb2\" class=\"elementor-toc__body\">\n\t\t\t<div class=\"elementor-toc__spinner-container\">\n\t\t\t\t<svg class=\"elementor-toc__spinner eicon-animation-spin e-font-icon-svg e-eicon-loading\" aria-hidden=\"true\" viewBox=\"0 0 1000 1000\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M500 975V858C696 858 858 696 858 500S696 142 500 142 142 304 142 500H25C25 237 238 25 500 25S975 237 975 500 763 975 500 975Z\"><\/path><\/svg>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-c39fdae e-con-full e-flex e-con e-child\" data-id=\"c39fdae\" data-element_type=\"container\" data-e-type=\"container\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[]}\">\n\t\t\t\t<div class=\"elementor-element elementor-element-be1b1b3 elementor-widget elementor-widget-text-editor\" data-id=\"be1b1b3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h2><b>1. Our Purpose<\/b><span style=\"font-weight: 400;\"><br \/><\/span><\/h2><p>Provide guidance and support for information security in accordance with business requirements, applicable laws, and regulations, thereby contributing to the organization&#8217;s financial sustainability.<\/p><h2><b>2. Scope<\/b><\/h2><p>This &#8220;Security Policy&#8221; ensures service integrity across all Positivo S+ units, in alignment with the company\u2019s strategies, current legislation, and contractual requirements.<\/p><p>The guidelines outlined here must be followed by all employees, service providers, suppliers, interns, contractors, partners, and clients who handle Positivo S+ information.<\/p><p><i><span style=\"font-weight: 400;\">Note 01: <\/span><\/i><span style=\"font-weight: 400;\">Exceptions are permitted only when approved by the executive board.<\/span><\/p><h2><b>3. Information Security Principles<\/b><b><\/b><\/h2><ul><li style=\"font-weight: 400;\" aria-level=\"1\"><b>Confidentiality: <\/b>Ensuring information is available or disclosed only to authorized individuals, entities, or processes, maintaining data privacy.<\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><b>Integrity:<\/b><\/li><li>Ensuring the truthfulness, accuracy, and consistency of information, preventing intentional or accidental compromise or alteration.<\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><b>Availability: <\/b><span style=\"font-weight: 400;\">Ensuring information is accessible as needed by authorized individuals, entities, or processes.<\/span><\/li><\/ul><h2><b>4. Guidelines<\/b><b><\/b><b><\/b><\/h2><h3>4.1 People<\/h3><ul><li>All Positivo S+ employees must sign the &#8220;Confidentiality Agreement&#8221; upon admission or when requested by the company.<\/li><li>Misuse of company or client information, sharing it with competitors, using it for personal gain, or improperly storing files and emails is strictly<\/li><li>Authentication credentials (e.g., username and password) are personal and non-transferable, and each user is responsible for their safe use and storage.<\/li><\/ul><h3>4.2 Suppliers and Third Parties<span style=\"font-weight: 400;\"><br \/><\/span><\/h3><ul><li>Any creation, invention, or development of ideas, processes, systems, products, and services during service delivery must be transferred to Positivo S+.<\/li><li>Misuse of company or client information by service providers, including sharing with competitors or using for personal gain, is<\/li><li>Service providers with access to Positivo S+ resources must comply with the organization\u2019s policies and confidentiality clauses outlined in their service agreements.<\/li><\/ul><h3>4.3 Assets<\/h3><ul><li>Positivo S+ products or equipment requiring transport must be securely accommodated to ensure physical and logical integrity when applicable.<\/li><li>Use of personal computers on the corporate network is not permitted unless explicitly authorized by the information security<\/li><li>The movement of assets within Positivo S+ units must follow internal company procedures.<\/li><\/ul><h3>4.4 Processes<\/h3><ul><li>Critical business processes must be mapped, risk-assessed, and approved by the executive board.<\/li><li>Process mapping must be reviewed whenever significant changes occur in the environment.<\/li><\/ul><h3>4.5 Risk<\/h3><ul><li>A risk assessment process for information security must identify vulnerabilities, threats, impacts, and acceptable risk levels for assets, people, information, systems, and processes.<\/li><li>Risk assessments must be reviewed annually or whenever significant changes occur.<\/li><li style=\"font-weight: 400;\" aria-level=\"3\">\u00a0<\/li><\/ul><h3>4.6 Information<\/h3><ul><li>Access to Positivo S+ or client information is restricted to authorized personnel only.<\/li><li>Confidentiality clauses agreed upon with clients must be respected by employees and third-party service providers.<\/li><li>Unauthorized access to systems, applications, or attempts thereof is strictly<\/li><li>All information created within Positivo S+ or on its behalf belongs to the company, which determines its use and purpose.<\/li><li>Data storage and backup must follow secure processes validated by the competent team.<\/li><li>Use of external storage devices (e.g., USB drives, external hard drives) for data transport or storage requires formal authorization.<\/li><\/ul><h3>4.7 Systems and Applications<\/h3><ul><li>Installing unauthorized software (e.g., shareware, freeware) is not allowed unless listed in the approved solutions.<\/li><li>Security updates and patches must be implemented following established protocols and approved by the IT and security<\/li><li>All devices capable of running antivirus software must have it installed, updated, and operational.<\/li><li>Corporate email is for business purposes only, and using it for personal activities, such as online shopping, is prohibited.<\/li><li>System and application credentials must not be shared, and users are solely responsible for safeguarding their logins and passwords.<\/li><\/ul><h3>4.8 Violation of Policies and Guidelines<\/h3><p>Security violations must be reported immediately to the information security team. Investigations will be conducted to determine corrective actions.<\/p><p><span style=\"font-weight: 400;\">Examples of violations:<\/span><\/p><ul><li>Illegal use of software<\/li><li>Introduction of viruses<\/li><li>Sharing sensitive business or personal data<\/li><li>Breaching confidentiality agreements<\/li><li>Sharing offensive or harmful content<\/li><li>Other violations specified in the Group Positivo Code of Conduct and applicable laws<\/li><\/ul><h3>4.9 Audit<\/h3><ul><li>All employees and third parties using Positivo S+ technology environments are subject to network, telephony, and application audits.<span style=\"font-weight: 400;\"><br \/><\/span><\/li><li>Audits will be periodically conducted to ensure compliance with this<\/li><li>If activities compromising network security are detected, the information security team may inspect user activities, files, and access logs, notifying senior management of any findings.<\/li><\/ul><h2><b>5. General Provisions<\/b><\/h2><p>This Information Security Policy is subject to regular updates to ensure alignment with applicable legislation.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>1. Our Purpose Provide guidance and support for information security in accordance with business requirements, applicable laws, and regulations, thereby contributing to the organization&#8217;s financial sustainability. 2. Scope This &#8220;Security Policy&#8221; ensures service integrity across all Positivo S+ units, in alignment with the company\u2019s strategies, current legislation, and contractual requirements. The guidelines outlined here must [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-3710","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.positivosmais.com\/en\/wp-json\/wp\/v2\/pages\/3710","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.positivosmais.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.positivosmais.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.positivosmais.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.positivosmais.com\/en\/wp-json\/wp\/v2\/comments?post=3710"}],"version-history":[{"count":10,"href":"https:\/\/www.positivosmais.com\/en\/wp-json\/wp\/v2\/pages\/3710\/revisions"}],"predecessor-version":[{"id":4166,"href":"https:\/\/www.positivosmais.com\/en\/wp-json\/wp\/v2\/pages\/3710\/revisions\/4166"}],"wp:attachment":[{"href":"https:\/\/www.positivosmais.com\/en\/wp-json\/wp\/v2\/media?parent=3710"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}