IT Security Awareness and refreshment Session

[Audio] Introduction to IT Security Awareness and refreshment Session.

[Audio] Introduction IT Policy /SOP and Best Practices IT Security IT help desk and Escalations Escalation Contacts.

[Audio] IT Policy: It is Basically a set of rules and guidelines that an organization establishes to govern how its information technology (IT) assets are accessed, used, and managed, aiming to protect data confidentiality, integrity, and availability. IT Security: is the practice of implementing measures to safeguard an organization's IT systems and data from unauthorized access, cyber threats, and other malicious activities, often guided by the established IT policies.

[Audio] Access Control Policy This access control policy is designed to take account of the business and information security requirements of the organization This control applies to all systems, people and processes that constitute the organization's information systems, including board members, directors, employees, suppliers and other third parties who have access to CIEL Textile Ltd systems. Access provisioning: The access provisioning is restricted and based on permission and approval to all. Removal of access provisioning: Access decommissioning will be based on HOD / HR request, it can also be based on during IT regular review as well. System / Application administrator will help us with access provisioning and to remove the access..

[Audio] Access Control Policy (Internal ,external ) User Responsibility: It is vital therefore that every user plays his or her part in protecting the access they have been granted and ensuring that their account is not used to harm the organization. Use a strong password i.e. one which is in line with the rules set out in this policy Never tell anyone their password or allow anyone else to use their account Not record the password in writing or electronically e.g. in a file or email Avoid using the same password for other user accounts, either personal or business-related Ensure that any PC or device they leave unattended connected to the network is locked or logged out Leave nothing on display that may contain access information such as login names and passwords Inform the IT Department of any changes to their role and access requirements.

[Audio] Anti-Manware Policy: Malware is any code or software that may be harmful or destructive to the information processing capabilities of the organization In order to prevent the infection of CIEL Textile Ltd computers and networks and avoid the potentially dire consequences of such infection, there are several key controls that will be adopted as policy. This threat can come from several sources including: Virus Trojan Worm Logic Bomb Root kit KeyLogger Backdoor Adware Bot Spyware Crypto locker / Ransomware.

[Audio] Anti-Manware Policy: How malware spreads: Pishing Websites and mobile code Removable media Hacking Connecting to Unknown network Prevention: Firewall Licensed Anti Virus Spam Filter Sandbox Detection User Awareness Training Application and OS with latest security patches.

[Audio] Asset management Policy: We have wide variety of assets under its control. The IT Assets can be Hardware Software We have Asset management tool in place to track the asset movement and the status of the asset Assigning of Asset to a employee is on approval basis and its availability Revoking / returning of asset is the responsibility of individual employee when no longer required or may be during his separation Disposal of Asset: This will be decided by IT team based on the ageing of Asset / technology of the asset The disposal happens through a nominated E-waste management vendor.

[Audio] Backup Policy: Regular backups of essential business information must be taken to ensure that the organization can recover from a disaster, media failure or other form of error. IT team will take care of data Backup based on Scope, schedule and location of backups Backup methods and data formats Retention periods for backups the integrity of backups Restoration and testing procedures, including restoration timescales during a disruptive event Use of encryption How backups are segregated in a multi-tenant cloud environment Frequency and method of reviews of backup and recovery procedures Backup from laptop / Desktop will not be taken by IT. It is user responsible to keep all the importatnt data to store on a share folder or on to OneDrive Cloud storage.

[Audio] Email Policy IT shall configure an email address after receiving the details from HR for new joiners and from respective HOD/HOF for present employees for official communication. Normal process of email address allocation will be as [email protected] subject to the availability User should avoid sending greetings towards festivals and New Year. If any such email is received, user should not reply and should delete the email without opening the mail or attachment. This needs to be followed strictly to avoid chocking of internal bandwidth as well as external threats. Usage of AIPL's email system in any way that may be interpreted as insulting, disruptive or offensive by any other person, or company, or which may be harmful to AIPL morale should be avoided. Forwarding of chain letters internally and sending messages to, multiple destinations will be considered as 'spamming', which is an illegal activity in India and many countries. Owner of the email address will be considered as the author for all the messages originating from his / her email address. So users must ensure confidentiality of login credentials..

[Audio] IT Policies and SOP can be accessed by all the employees through PeopleStrong HRIS Portal under below path and screen Path: HRIS  Self Service  Policy and Process Details.

[Audio] Certainly! Here is the explanation of the IT organization structure as depicted in the organogram: **Top Management:** ** Group CEO (Eric Dorchies) **Managing Director (B M K Nagesh):** The highest authority in the company, overseeing all operations including IT. **Chief Financial Officer (Sathisha C):** Handles the financial aspects of the company, ensuring financial health and resource allocation. **IT Leadership:** **Global Head – IT (Ravi Prakash D):** Leads the global IT strategy and operations, ensuring alignment with business goals. **Deputy. General Manager – IT (Srinivasa Rao K):** Assists the Global Head in managing IT operations and strategies, providing support in decision-making and execution. **IT Management:** **Manager - IT (Nagaraj A):** Manages the day-to-day IT operations and teams, ensuring smooth functioning and addressing any issues that arise. **Specialized Roles:** **Sr. Consultant - ERP (Jayaprakasha M):** Manages Enterprise Resource Planning (ERP) systems, ensuring they meet business requirements and operate efficiently. **Data Analyst (V Nagendranath):** Analyzes data to provide insights and support decision-making processes. **Data Analyst (Raviteja):** Manages Enterprise Resource Planning (ERP) systems, ensuring they meet business requirements and operate efficiently. **System Administration Team:** ** We have a dedicated system administration team across all the factories to ensure the smooth operation and security of all our technological infrastructure. **Senior System Administrator (Nithin C):** Manages and maintains IT systems, ensuring their optimal performance. **System Administrator (Arun K):** Similar role focusing on maintaining IT infrastructure. **System Administrator (Sampath Shet):** Provides support in managing IT systems and addressing any issues. **System Administrator (Sujay):** Assists in the maintenance and management of IT infrastructure. This structure outlines the hierarchy and roles within the IT department, ensuring clear responsibilities and efficient management of IT resources and operations..

[Audio] You can raise a incident ticket with all IT related queries / concerns by logging in by https://itdesk.aquarelleindia.com Or By sending a mail by marking it to [email protected] This will help us to track your issues / concerns.

[Audio] We appreciate your time and attention during this IT Security Awareness session. If you have any questions or need further assistance, please do not hesitate to reach out to the IT team..