Security Policy
Our comprehensive security policy outlines our commitment to protecting your data, systems, and privacy through industry-leading security practices and standards.
Information Security
Comprehensive information security management following ISO27001 standards.
Access Control
Strict access controls and authentication mechanisms for all systems.
Monitoring & Detection
24/7 security monitoring and threat detection capabilities.
Incident Response
Rapid incident response and recovery procedures.
Information Security Management
Security Framework
- ISO27001 Information Security Management System
- NIST Cybersecurity Framework implementation
- OWASP security guidelines and practices
- CIS Controls for cyber defense
Risk Management
- Regular risk assessments and analysis
- Threat modeling and vulnerability management
- Business continuity and disaster recovery planning
- Third-party security assessments
Technical Security Controls
Data Protection
- AES-256 encryption at rest
- TLS 1.3 encryption in transit
- Database encryption and tokenization
- Secure key management
Access Control
- Multi-factor authentication
- Role-based access control (RBAC)
- Privileged access management
- Regular access reviews
Network Security
- Next-generation firewalls
- Intrusion detection and prevention
- Network segmentation
- DDoS protection
Incident Response
Response Process
1
Detection & Analysis
Immediate threat detection and impact assessment
2
Containment
Isolate and contain the security incident
3
Eradication & Recovery
Remove threats and restore normal operations
4
Post-Incident Review
Lessons learned and process improvement
Response Team
- 24/7 Security Operations Center (SOC)
- Dedicated incident response team
- External forensics partners
- Legal and compliance support
Security Reporting
If you discover a security vulnerability or incident, please report it immediately through our dedicated security channels:
Security Incident Reporting:
Email: security@mesika.org
Emergency Hotline: +233 (0)509 098 534
Online Form: Security Incident Report