Portal 26's code of conduct policy describes the principles, standards, and expected behaviors for individuals within an organization. It typically outlines ethical guidelines, professional conduct, compliance with laws, respect towards colleagues and clients, and the consequences of violating these standards. The policy aims to ensure a respectful, lawful, and productive work environment.

Portal 26 infrastructure is hosted by Amazon Web Services (AWS), leveraging AWS's robust cloud solutions to ensure scalable, secure, and reliable service delivery. This strategic choice allows Portal 26 to benefit from AWS's industry-leading capabilities in cloud computing,

Portal 26 has established a comprehensive Business Continuity and Disaster Recovery (BCDR) plan, integral to our strategy for ensuring resilience and preparedness. Key features of our plan include:

Annual Review and Approval

• Our BCDR plan is rigorously exercised, reviewed, and approved every year to ensure its relevance and effectiveness.

Comprehensive Testing

• We conduct regular, thorough testing of critical services, backup systems, and operational infrastructure. This practice guarantees that our business continuity requirements are consistently met and refined.

Proactive Risk Management

• A proactive risk assessment program and detailed business impact analysis span the entire organization. These processes are designed to identify potential threats and evaluate the impact on our business functions, allowing us to implement necessary mitigations.

Commitment to Preparedness

• Our BCDR plan reflects a steadfast commitment to maintaining operational resilience and ensuring uninterrupted service across all business areas. This comprehensive approach ensures that we are prepared to respond effectively to disruptions, safeguarding our operations and client interests.

Continuous Improvement

• We strive for continuous improvement in our disaster recovery capabilities, adapting to emerging threats and evolving business needs. This ensures that our BCDR plan remains a living document, dynamically evolving to meet the challenges of an ever-changing landscape.

Portal 26 offers comprehensive access control mechanisms, including both Role-Based Access Control (RBAC) and User-Based Access Control (UBAC), within our product suite. This dual approach enhances security and operational efficiency by allowing tailored access permissions based on roles and individual user needs.

Portal 26 dedicated to fostering trust within our organization and platform by ensuring the robust protection of customer data, models, and products. 

At Portal 26, Multi-Factor Authentication (MFA) is enabled for all users to enhance security measures significantly. MFA is a critical component of our security strategy, designed to safeguard user accounts and data by adding additional verification steps beyond just passwords. 

Portal 26's customer data is encrypted in-transit . Portal 26 is committed to following encryption best practices per industry guidelines and continually reviews the rigor of current encryption standards.

Portal 26's customer data is encrypted at-rest. Portal 26 is committed to following encryption best practices per industry guidelines and continually reviews the rigor of current encryption standards.

At Portal 26, we employ a multifaceted approach to code analysis to proactively identify and address issues in both our proprietary code and third-party dependencies. This comprehensive strategy ensures the delivery of high-quality, secure, and reliable software.

Portal 26 rigorously adheres to a formal vulnerability management process, ensuring that vulnerabilities are systematically identified, assessed, and addressed in accordance with a documented Service Level Agreement (SLA). Our approach reflects a commitment to maintaining high standards of security and operational integrity.

The use of Portal 26 including rights, restrictions, and applicable privacy safeguards is governed by our business terms.

Safeguarding customer privacy is a core commitment of Portal 26 Service.

Additional information on our privacy practices can be found at

https://portal26.ai/privacy-policy/

Portal 26 personnel perform security and privacy awareness training on an annual basis. Topics covered include: Passwords, Mobile devices, Social Engineering, Physical security, Phishing, etc.

Portal 26 's data breach notifications are a crucial part of an organization's response to data breaches, ensuring that affected individuals are informed and can take action to protect themselves. These notifications also demonstrate an organization's commitment to transparency and compliance with data protection regulations.

Portal 26 Effectively using cookies, to enhance the user experience, increase engagement, and improve overall business performance.

Portal 26 has a strong internal password policy that includes a requirement for MFA for account that do not support SSO.

Portal 26 safeguards its internal systems with stringent access control measures, continuously monitored and updated in alignment with industry best practices. Our access policies strictly adhere to the principles of least privilege and separation of duties, ensuring that access is granted only to the extent necessary. These policies undergo regular reviews by administrators and are meticulously documented with clear justifications for any provisioning or modifications. Furthermore, access is promptly revoked in accordance with rigorous termination protocols, guaranteeing the highest level of security and integrity for our internal systems.

Portal 26 Security Defense and Intelligence Team actively monitors the environment for known attacker tactics, techniques, and procedures (TTPs), as well as known malicious binaries and other suspicious activities. These regular activities are complemented by periodic reviews and investigations into anomalous activities to discover unknown threats occurring on a regular cadence.

Portal 26 centrally manages and secures all employee endpoints through a Mobile Device Management (MDM) solution. This systematic management allows us to enforce security policies, distribute software and updates, and monitor endpoint integrity.

Portal 26 conducts third-party penetration testing annually and with each new product release to proactively identify and address security vulnerabilities within our system. The results of these tests are meticulously documented, with any findings prioritized for remediation based on their severity.

Portal 26 is committed to maintaining a high level of security and privacy awareness among its personnel through comprehensive annual training programs. This training covers critical topics such as password management, mobile device security, social engineering tactics, physical security, phishing attacks,etc.

Portal 26 maintains a rigorously documented Incident Response Plan that serves as our predefined procedure for handling potential security incidents. This plan is systematically reviewed, tested, and approved by appropriate stakeholders on an annual basis to ensure readiness and effectiveness in responding to security incidents.