The code of conduct for public website users who browse and buy art:

Version: 1.0

Effective Date: 15 February 2025

Serving the Carolinas and Georgia

https://www.twistedartistsguild.com

Security Policies

  1. Password Management

    • Staff members will never ask for your password, because they have no way to reference it.

    • All passwords will be converted to a digital hash before they are sent over the internet, and will be transmitted only through encrypted channels.

  2. Data Protection

    • All sensitive data must be encrypted at rest and in transit to prevent unauthorized access.

    • Regular audits will be conducted to ensure compliance with data protection regulations.

  3. Network Security

    • Firewalls and intrusion detection systems will be implemented to monitor and block suspicious activities.

    • Regular updates and patches will be applied to all systems to protect against known vulnerabilities.

  4. Access Control

    • Access to sensitive information will be restricted to authorized personnel only.

    • Multi-factor authentication will be required for accessing critical systems.

  5. Employee Training

    • Regular cybersecurity training sessions will be conducted to educate employees about potential threats and safe practices.

    • Phishing simulations will be used to test and improve employee awareness.

  6. Incident Response Plan

    • A detailed incident response plan will be developed and regularly updated to handle potential cyber-attacks effectively.

    • The plan will include procedures for identifying, containing, eradicating, and recovering from an attack.

  7. Monitoring and Reporting

    • Continuous monitoring of systems and networks will be conducted to detect anomalies and potential threats.

    • A clear reporting mechanism will be established for employees to report suspected security incidents.

  8. Third-Party Risk Management

    • Vendors and partners will be assessed for cybersecurity risks before engagement.

    • Contracts with third parties will include clauses for data protection and breach notification.

  9. Backup and Recovery

    • Regular backups of critical data will be performed and stored securely offsite.

    • A disaster recovery plan will be in place to ensure business continuity in the event of a major cyber incident.

  10. Legal and Regulatory Compliance

    • The organization will comply with all applicable cybersecurity laws and regulations.

    • Regular reviews will be conducted to ensure ongoing compliance.

By implementing these measures, the organization aims to protect itself from cyber-attacks and ensure a swift and effective response if one occurs.