Mconf's mission is to foster connections and expand business through technology. Among our core values, integrity stands out as a fundamental aspect, highlighting the importance of information security in ensuring the quality and reliability of our products and providing the best working environment for our employees and partners.
We recognize that handling data and information exposes us to various levels of risk as they traverse different communication, storage, and processing channels. Therefore, it is crucial to maintain good practices and standards in line with this General Information Security Policy to ensure adequate protection levels for this valuable resource, an indispensable part of our management system.
This document aims to formalize the guidelines of Mconf's General Information Security Policy, intending to protect information assets safely and transparently through prevention, detection, and risk reduction. This approach aligns with the business needs, complexity, and size of the company.
Furthermore, this Policy is a strategic document establishing the concepts and guidelines to promote the secure use of information assets by all Mconf employees and partners. It requires implementing multidisciplinary solutions, adhering to applicable standards and regulations, and preserving the confidentiality, integrity, and availability of information for incident resolution and decision-making procedures.
This Policy applies to all partners, directors, managers, administrators, employees, service providers, agents, subcontractors, and any other individuals or legal entities involved, directly or indirectly, in the daily activities and business of Mconf, including customers and users of products developed by Mconf.
For this Policy, Mconf and its recipients will adhere to the best General Information Security practices, governed by the principles of diligence, confidentiality, adequacy, availability, authenticity, protection, and continuity, along with the following guidelines:
Mconf's objective in information security management is to ensure systematic and effective management of all aspects related to information security, supporting business operations and minimizing risks and their potential impacts. To achieve this, the board, management, and other coordinators are committed to effective management and adopt all necessary measures to ensure that this Policy is communicated, understood, and followed at all levels of Mconf.
In addition to this General Information Security Policy document, complementary policies (both public and internal) and standards are systematically applied to ensure compliance with Mconf's confidentiality, integrity, and availability requirements. The company is also available to assist employees, partners, customers, and the general public in understanding and adapting to this Policy and other complementary policies and standards.
Equally important, Mconf is committed to maintaining high-quality service standards, building solid, mutually beneficial relationships with all stakeholders, and fostering innovation while ensuring compliance with this General Information Security Policy.
Mconf is dedicated to continuously improving cybersecurity procedures, always striving to comply with legal and regulatory standards. This commitment is guided by the principles, concepts, values, and practices outlined here, aiming to ensure the confidentiality, integrity, and availability of company data.
All recipients and Mconf are responsible for adopting and complying with the applicable guidelines, duties, controls, and practices in this Policy. They must ensure all ethical and legal standards are met by those they work with and promptly report any violations for appropriate action based on severity.
This Policy is effective from the date of its publication and availability and will be reviewed and updated periodically, at least once every 12 months.