loader image

+39 346 596 4096

Via degli Orti della Magliana, 29, Roma

Security
Policy

This Security Policy outlines the security measures and practices implemented by TinyGreenBNB to safeguard sensitive information, assets, and resources. It is designed to protect against unauthorized access, data breaches, and other security risks.
  • Access Control: Access to sensitive data and systems is restricted to authorized personnel only. Each user is assigned a unique login and password, and multi-factor authentication is enforced for critical systems.
  • Data Encryption: All sensitive data, both in transit and at rest, must be encrypted using industry-standard encryption protocols.
  • Incident Response: A comprehensive incident response plan is in place to detect, report, and respond to security incidents promptly. This includes procedures for notifying affected parties and mitigating potential damages.
  • Data Backup and Recovery: Regular backups of critical data are performed and stored in secure, offsite locations. Periodic recovery tests are conducted to ensure data integrity.

Access Control: Physical access to facilities housing sensitive information and equipment is restricted to authorized personnel only. Access points are monitored and secured.

Surveillance: CCTV cameras are strategically placed to monitor and record activities in sensitive areas.

Firewalls and Intrusion Detection/Prevention Systems: Firewalls and IDS/IPS are deployed to monitor and filter network traffic, preventing unauthorized access and detecting suspicious activities.

Vulnerability Management: Regular vulnerability assessments and penetration testing are conducted to identify and address potential security weaknesses.

Wireless Network Security: Secure encryption protocols and strong authentication mechanisms are used to protect wireless networks.

All employees receive regular training on security best practices, including phishing awareness, password hygiene, and social engineering prevention.
TinyGreenBNB is committed to compliance with all relevant legal and regulatory requirements concerning information security and privacy.
Third-party vendors and partners are required to adhere to security and privacy standards that align with our own.
Employees, contractors, and vendors are encouraged to promptly report any suspected security incidents to the designated security team.
This Security Policy is subject to periodic review and updates to adapt to evolving security threats and technologies.
Non-compliance with this Security Policy may result in disciplinary action, up to and including termination of employment or contract.