Security policy
Acceptable Use Policy
Defines appropriate, secure, and lawful use of AiVRIC systems, data, and services.
Purpose & scope
This policy guides how AiVRIC designs, operates, and validates Acceptable Use Policy across production, corporate, and partner environments.
It applies to employees, contractors, vendors, and any system interacting with AiVRIC data or services.
Key controls
- Use AiVRIC assets only for authorized business purposes; personal or illegal use is prohibited.
- Access only data and systems needed for your role; avoid storing customer data outside approved locations.
- Prohibit harassment, abuse, or attempts to bypass security controls within AiVRIC platforms.
- Report suspected misuse within 24 hours to Security for investigation and response.
Operating procedures
- Review and accept the acceptable use policy during onboarding and annually thereafter.
- Use SSO with MFA for all AiVRIC systems; no shared accounts.
- If misuse is suspected, capture details (who/what/when) and open a security ticket immediately.
Evidence & ownership
Owner: Security & Compliance. Review cadence: annually or after material changes.
Evidence: Collected via AiVRIC audit logs, ticketing systems, monitoring dashboards, and vendor records as appropriate to this policy area.
Contact: [email protected]