DEV Community

Cover image for Policy strategies for information system threats
Awal Ariansyah
Awal Ariansyah

Posted on

Policy strategies for information system threats

I'm back writing a college task for my Network and Information Security class. This time the task is to write some policy strategies based on all the threats I already mention in the previous post.

Read it here Company information security analysis
.

I picked is a local Indonesian hosting company, namely Rumahweb. Rumahweb did a great job in making a policy. I will write what I understand.

General Agreement

Consists of several point of agreement between the company and the customer that is

  • Subject of Agreement
  • Validity of Agreement
  • Service Agreement
  • Service Policy
  • Customer Rights and Obligations
  • Customer Support
  • Agreement Changes
  • Violations and Sanctions
  • Disclaimer
  • Dispute resolution

There is a lot of stuff, you can read more here

Domain Service Agreement

Agreement that focused on the domain services, consists of

  • Service Definition
  • Customer Rights and Obligations
  • Rumahweb's Rights and Responsibilities
  • Deletion and Termination of Service
  • Uniform Domain Name Dispute Resolution Policy (“UDRP”)
  • Costs

Read more about it here

Web Hosting Service Agreement

The main agreement between Rumahweb and the customer for the main service which is a web hosting service. Overall it is similar to previous agreement with the addition of:

  • Service Guarantee
  • Claims for Service Warranty Failure

Read more

Privacy Policy

Next we will be looking at the privacy policy. It is covering what data they collected, how will they use the data, third-party authentication, data confidentiality limits and the data security.

What's written in the data security policy is that Rumahweb Indonesia tries its best to protect customers' personal/company data from parties who are not authorised to obtain such data, except to do the things mentioned in Data Use.

That's so simple policy I'd say. Read the policy here

Acceptable Use Policy (AUP)

Acceptable Usage Policy is a policy on the use of Rumahweb Indonesia facilities which are included in the services used by customers.

It covers:

  • Website content
  • Hosting account usage
  • E-mail facility usage
  • Hosting resource usage
  • VPS/Cloud Server service usage
  • Titan Email/Flockmail service usage
  • Alibaba Cloud VPS service usage
  • Sanctions Against Violations
  • Handling Violations/Abuses
  • Contact Abuse
  • Abuse Report Tracking

Read full here

Service Level Agreement (SLA)

The last thing is the agreement in the level of service, it requires customer to understand the other policies first.

The inside is consists of:

  • Internet Connectivity Uptime Guarantee
  • Server Uptime Guarantee
  • Data Security Guarantee
  • Claim for Warranty Failure
  • Approval of Premium WordPress Plugins and Themes
  • Alibaba Cloud VPS Service Definition
  • Alibaba Cloud VPS Service Downtime Guarantee
  • Alibaba Cloud VPS Downtime Guarantee Failure Claim Process
  • Disclaimer
  • Amount of Compensation for Service Failure
  • Tax Collection
  • Billing and Payment
  • Refund Policy

Read full story here

Wrap-up

Well, I know it's kind of lazy writing that just write the sub-heading of the content. At the very least you learn about policy of a hosting provider so you could prepare for it in case you want to open one. Thanks.

Top comments (0)