At yasoon, we take security very seriously. Our management team, composed of our CTO, our CEO, and our COO, has a wealth of experience and expertise in all aspects of security, from the technical to the organizational and human resources. They lead the security strategy and implementation across the company, ensuring that we follow the best practices and standards in the industry.
But security is not just a top-down approach at yasoon. It is also a shared responsibility and a core value for everyone who works with us. We make sure that our staff is aware of the importance of security and the role they play in achieving it. We provide them with regular training, feedback, and support to help them maintain and improve our security posture.
Security awareness
We ensure that all staff undergo security awareness training during the onboarding process and regularly thereafter to keep security at the forefront of their minds. Our security awareness training program covers various topics, including current threats and scams, secure working practices, behaviors that pose security risks, as well as compliance and regulatory issues. Additionally, our developers have access to specialized training on secure coding.
Our internal security wiki and accessible policies in our compliance tool Vanta make it easy for staff to find guidance. Security updates are often included in all-hands meetings.
Furthermore, we maintain open communication channels between employees and the security team through Teams chat and channel announcements. This accessibility ensures that the security team is readily available to all yasoon staff.
Access management
Principle of least privilege, access logging (request access through ticketing)