Security Policy

Dial ERP Technologies Ltd ("Dial ERP," "we," "us," or "our") is committed to maintaining the security and confidentiality of our information assets and ensuring the integrity and availability of our systems and data. This Security Policy outlines our approach to information security and provides guidelines for employees, contractors, and third-party partners to follow.

• 2.1 Management Commitment: Senior management at Dial ERP is committed to providing the necessary resources and support to maintain a robust information security program.
• 2.2 Employee Training: All employees, contractors, and third-party partners must receive adequate training on information security best practices and their responsibilities under this policy.
• 2.3 Compliance: All employees, contractors, and third-party partners must comply with this Security Policy and any related policies, procedures, and guidelines.

• 3.1 Access Control: Access to Dial ERP systems and data must be granted on a need-to-know basis and be consistent with the principle of least privilege. User access rights must be regularly reviewed and updated as necessary.
• 3.2 Data Protection: All sensitive and confidential data must be protected using appropriate security controls, including encryption, access controls, and data loss prevention mechanisms.
• 3.3 Password Security: Passwords must be strong, unique, and securely stored. Multi-factor authentication should be used wherever possible to enhance security.
• 3.4 Network Security: Dial ERP networks must be protected with firewalls, intrusion detection and prevention systems, and other security measures to prevent unauthorized access and malicious activity.
• 3.5 Patch Management: All software and systems must be kept up to date with the latest security patches and updates to mitigate known vulnerabilities.
• 3.6 Incident Response: Dial ERP has established procedures for detecting, reporting, and responding to security incidents. All employees, contractors, and third-party partners must report any suspected security incidents immediately to the appropriate authorities.

• 4.1 Facility Access: Access to Dial ERP facilities must be restricted to authorized individuals only. Physical access controls, such as locks, badges, and security guards, must be in place to prevent unauthorized entry.
• 4.2 Equipment Protection: Company-owned equipment, including computers, servers, and mobile devices, must be physically secured to prevent theft or tampering.

• 5.1 Vendor Risk Management: Dial ERP conducts due diligence assessments of third-party vendors and service providers to ensure they meet our security standards and comply with relevant regulations.
• 5.2 Contractual Obligations: Contracts with third-party vendors must include provisions for information security, confidentiality, and compliance with applicable laws and regulations.

• 6.1 Compliance Audits: Regular audits and assessments of information security controls are conducted to ensure compliance with this Security Policy and relevant standards and regulations.
• 6.2 Monitoring and Logging: Dial ERP monitors and logs security events and activities to detect and respond to potential threats and breaches.

All employees, contractors, and third-party partners of Dial ERP are responsible for:

• Understanding and complying with this Security Policy and related policies, procedures, and guidelines.
• Reporting any suspected security vulnerabilities or incidents to the appropriate authorities.
• Safeguarding Dial ERP's information assets and resources from unauthorized access, disclosure, or misuse.

If you have any questions or concerns about this Security Policy, please contact the Dial ERP Security Team at [info@dialerp.com].

Dial ERP reserves the right to revise this Security Policy at any time. Any updates or changes will be communicated to employees, contractors, and third-party partners in a timely manner.