Data security terms yasham card for business data security terms

The Yasham Card Business Data Security Terms (“Data Security Terms”) apply in relation to Yasham Card’s provision of the Business Services to you in accordance with the Business Terms. Terms that begin with capital letters [in English] [in quotation marks in Arabic] and are not defined in these Data Security Terms have the meanings given in these Business Terms. These Data Security Terms set out the minimum security standards that Yasham Card maintains for the Business Services provided under, including data that you transmit to Yasham Card using the Business Services Covered Data

1. Regulating information security. Yasham Card has employees responsible for overseeing the security of business services.

2. Physical and environmental safety. Yasham Card's security measures will include controls designed to provide reasonable assurance that physical access to physical data processing centers controlled by Yasham Card that are used to provide business services (“Data Processing Center”) is limited to authorized persons, and about the design of controls Environmental to detect, prevent and prevent destruction that may result from environmental hazards. Controls include recording and auditing all physical access by employees and contractors to the data processing center, procedures for secure deletion and disposal of data, in accordance with protocols that provide identification cards to enter all Yasham Card facilities for all business services workers.

3. Team training. Yasham Card will ensure that all staff members who have access to covered data receive security training.

Confidentiality. Yasham Card will bind individuals who have access to contractually covered data to appropriate confidentiality requirements. Screening and security checks. You will place Yasham Card through a process that aims to:

  4. Verify the identity of staff members who have access to covered data; and Conduct identity checks, where legally permitted, of members of staff working on or supporting aspects of the Business Services, in accordance with standards

   yasham card.

Security breach by team members.

  Yasham Card will take disciplinary action in the event that Yasham Card individuals gain unauthorized access to Covered Data. These actions, where legally permissible, include penalties up to and including termination.

Security testing

You will conduct periodic security and vulnerability testing to assess the extent to which key controls are correctly and effectively applied and implemented

Access control

Password management. Yasham Card has established and will maintain established password management procedures for its team members, which are designed to ensure that each person has personal passwords and does not allow unauthorized access to them, including at a minimum

. Providing passwords, including providing procedures designed to verify a user's identity before providing a new, replacement or temporary password;

Protect all passwords by encrypting them when stored on computer systems or during transmission over the network; Change all default passwords received from vendors Create strong passwords appropriate for their intended use

Awareness of good password creation practices

Access management. Yasham Card will also control and monitor access to its systems by its team members by:

. Establish procedures for changing and revoking access rights and user identifiers immediately without delay; Establish procedures for reporting and revoking compromised access credentials (passwords, access codes, etc.); Maintain appropriate security logs, including user ID and timestamp where possible; Synchronize clocks with network time protocol; Log the following minimum user access management events

i. Permit changes

ii. Authentication processes and successful and failed access attempts

6. Communications security

Network security 1

. Yasham Card will use technology that complies with network separation standards. Will require remote access to systems

yasham card Encrypted communications using secure protocols and multi-factor authentication.

Data Protection Yasham Card Use appropriate protocols designed to protect the confidentiality of data during its transfer over public networks.

5. Vulnerability management. Yasham created a card that covers business services and includes defining roles and responsibilities related to monitoring vulnerabilities, assessing their risks, and deploying patches for these vulnerabilities.

6. Security incident management

a. Respond to security incidents. Yasham Card will maintain a Security Incident Response Plan to monitor, detect and respond to potential security incidents affecting Covered Data. A security incident response plan should include at a minimum specification of roles and responsibilities, communications and post-incident reviews, including root cause analysis and possible remediation plans.

b. Monitoring. Yasham Card will monitor for any security breaches or malicious activities affecting the covered data.

In the event of an express conflict between the Business Terms and these Data Security Terms, the Business Terms will govern solely with respect to your use of the Business Services and only to the extent of the conflict. Yasham Card Company has the right to update these data security terms from time to time to keep pace with the development of security standards.

We are always working to monitor the operation of the application, review repeated reports, block users who violate the laws, and monitor the use of personal cards, shipping cards, and related requests.