The purpose of this policy is to establish the organizational requirements for Systems Integration and Integrity monitoring and logging to ensure we operate within a secure infrastructure, using methods that meet or exceed industry best practice as well any governing compliance frameworks necessary to support our customers.

Provide guidance to operation methods and processes that must be maintained to conform with these policies.

Identify, report, and correct system flaws in a timely manner.

Provide protection from malicious code at designated locations within organizational systems.

Monitor system security alerts and advisories and take action in response.

Update malicious code protection mechanisms when new releases are available.

Perform periodic scans of organizational systems and real-time scans of files from external sources as files are downloaded, opened, or executed.

Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks.

Identify unauthorized use of organizational systems.

• All workstations and servers owned and operated by DLZP Group are required to run TrendMicro Antivirus software.
• NEVER open any files or macros attached to an email from an unknown, suspicious or untrustworthy source. Delete these attachments immediately, then “double delete” them by emptying the computer’s Recycle Bin.
• Delete spam, chain, and other junk email without forwarding, as per DLZP Group’s Acceptable Use Plan.
• Never download files from unknown or suspicious sources.
• Avoid direct disk sharing with read/write access unless there is absolutely a business requirement to do so.
• Always scan removable disks from an unknown source for viruses before using them.
• If testing conflicts with anti-virus software, run the anti-virus utility to ensure a clean machine, disable the software, then run the test. After the test, enable the anti-virus software. When the anti-virus software is disabled, do not run any applications that could transfer a virus, e.g., email or file sharing.
• New viruses are discovered almost every day. Virus definitions are automatically updated by TrendMicro.

This Plan defines the backup Plan for computers within DLZP Group which have their data backed up. These systems are typically servers but are not necessarily limited to servers. Servers backed up include file, mail, database, application, and web.

This Plan is designed to protect data within DLZP Group to be sure it is not lost and can be recovered in the event of an equipment failure, intentional destruction of data, or disaster.

This Plan applies to all equipment and data owned and operated by DLZP Group, Inc.

Backups are performed per the clients Contract or Statement of Work.

Full data replication of scanned files and reports, and scanned billing documentation and invoices is done real time using AWS data replication technology. DLZP Group also utilizes other AWS services to replicate production data to alternate site and/or disaster recovery standby databases. As data is changed on the production systems, that data is replicated to standby databases. This is done realtime. In case of primary database failure, the standby database can configured as the primary database with minimal configuration changes.