Security Policy

1. Introduction

At Franklin Technology Services LLC ("Franklin," "we," "us," or "our"), we prioritize the security and privacy of our customers' data. This Security Policy outlines our practices to protect the integrity, confidentiality, and availability of information within our systems and services.

2. Physical and Environmental Security

Our data centers are designed with multiple layers of physical security to prevent unauthorized access:

• 24/7 Monitoring: Continuous surveillance and monitoring systems are in place to detect and respond to any physical security incidents.
• Access Controls: Biometric scanners, keycard access, and security personnel ensure that only authorized individuals can access sensitive areas.
• Environmental Controls: HVAC systems maintain optimal operating conditions, and fire suppression systems are installed to protect hardware.
• Redundancy: Power supplies are backed by uninterruptible power sources (UPS) and generators to ensure continuous operation.

3. Network and Data Security

We implement robust measures to protect data as it traverses our networks and resides within our systems:

• Encryption: All data in transit is secured using Transport Layer Security (TLS), and data at rest is encrypted using industry-standard protocols.
• Firewalls and Intrusion Detection: Advanced firewalls and intrusion detection systems monitor and control incoming and outgoing network traffic.
• Regular Audits: We conduct periodic security audits and vulnerability assessments to identify and mitigate potential risks.

4. Access Control and Authentication

To ensure that only authorized users can access our systems:

• User Authentication: Multi-factor authentication (MFA) is required for access to sensitive systems.
• Role-Based Access: Access rights are assigned based on job responsibilities, following the principle of least privilege.
• Session Management: User sessions are monitored and automatically terminated after periods of inactivity.

5. Data Protection and Privacy

We are committed to protecting customer data and ensuring privacy:

• Data Minimization: We collect only the data necessary to provide our services and retain it only as long as needed.
• Anonymization: Where possible, personal data is anonymized to protect user identities.
• Third-Party Compliance: Vendors and partners are required to adhere to our security standards and are regularly assessed for compliance.

6. Incident Response and Reporting

In the event of a security incident:

• Response Plan: We have an established incident response plan to quickly address and mitigate security breaches.
• Notification: Affected parties will be notified promptly in accordance with applicable laws and regulations.
• Continuous Improvement: Post-incident analyses are conducted to improve our security posture and prevent future occurrences.

7. Employee Training and Awareness

Our employees are our first line of defense:

• Security Training: All employees undergo regular training on security best practices and data protection policies.
• Acceptable Use Policy: Employees are required to adhere to our Acceptable Use Policy, which outlines proper handling of company resources and data.

8. Compliance and Certifications

Franklin Technology Services LLC complies with industry standards and regulations:

• Regulatory Compliance: We adhere to applicable laws and regulations concerning data protection and telecommunications.
• Certifications: Our systems and processes are regularly reviewed to maintain compliance with recognized security standards.

9. Responsible Disclosure Policy

We value the contributions of the security community in identifying potential vulnerabilities:

• Reporting: If you discover a security vulnerability, please report it to us at security@ftsv.net.
• Commitment: We commit to investigating all reported vulnerabilities and taking appropriate action.
• Recognition: We acknowledge and appreciate the efforts of researchers who help us improve our security.

10. Contact Information

For any security-related inquiries or reports:

This Security Policy is subject to change. We encourage you to review it periodically to stay informed about how we are protecting your information.