At PicLumen, we take the security of our users very seriously. This policy outlines the various measures we implement to protect against unauthorized access to your information and ensure the safe use of our services.
Security at PicLumen
We employ a range of measures to protect your information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction:
● Vulnerability Management: We maintain a documented vulnerability management program that includes regular security scans and the identification and remediation of potential internal or external vulnerabilities.
● Incident Response: We conduct table-top exercises and have protocols in place to investigate, manage, respond to, and remedy incidents of unwelcome intrusion or malicious acts effectively.
● Penetration Testing: We conduct annual penetration testing exercises to evaluate the robustness of our systems and processes.
● Access Controls: Our employees adhere to strict security policies to protect your data. This includes role-based access controls, encryption of certain types of information, and multi-factor authentication for access to PicLumen systems. We regularly review and update permissions.
● Secure Coding Practices: Our global development team follows widely accepted secure coding practices and security protocols to prevent eavesdropping, tampering, hacking, and fraud, including encryption of data both in rest and in transit.
● Physical Security: We contract with security vendors to implement accredited auditing procedures that protect against physical threats at our facilities.
Security Tips
To Do:
● Choose a Strong Password: Use a combination of 8-16 characters, including special characters, upper and lowercase letters, and numbers. Ensure it is unique and different from other passwords you use online.
● Report Suspicious Activity: Notify us immediately of any fraudulent or suspicious activity here.
● Sign Out: Always sign out of unused devices.
Not To Do:
● Share Your Password: Never give your password to someone you don’t know or trust.
● Modify Services: Do not copy, modify, or alter any parts of our services.
● Unauthorized Access: Do not attempt to access our services without proper authorization or try to access private connections.
● Data Misuse: Do not store, copy, or duplicate any part of our services or user-generated content without explicit consent.
● Spam: Avoid sending any unwanted communication to other users.
● Inappropriate Usernames: Do not create usernames that include web addresses or your primary email address.
● Transmit Malware: Never transmit malware to our network.
● Reverse Engineering: Do not backwards engineer or imitate our services.
● Unauthorized Export: Do not export or access our network for competitive or profit purposes.
● Ethical Integrity: Always uphold the ethical integrity of our services.
For any questions or concerns about our security practices, please contact us directly.