Remote Access Policy - Bmotik

Purpose

The purpose of this Remote Access Policy is to establish guidelines and procedures for secure and authorized remote access to Bmotik systems and resources. This policy ensures the confidentiality, integrity and availability of company data while supporting a remote work environment.

2. Scope

This policy applies to all Bmotik employees and contractors requiring remote access to company systems and data.

3. Authorized Users

Remote access is limited to authorized individuals, including employees and contractors, whose job responsibilities require such access. Authorization is granted based on job duties and responsibilities.

4. Access Methods

In the case of employees, access will be exclusively with the IAM google user provided by the company.

Other authorized users can access Bmotik systems remotely using the following approved methods:

- Virtual Private Network (VPN)
- bmotik's own platforms with secure username and password provided by bmotik
- Secure SaaS platforms (e.g., collaboration tools, project management tools)

Multi-factor authentication (MFA) is mandatory for all remote access methods.

5. Security Requirements

- Users should ensure that their devices are equipped with up-to-date antivirus software.
- Devices used for remote access must be patched regularly and comply with Bmotik security settings.
- Passwords used on devices involving access to any platform, SaaS or product related to bmotik, its customers or suppliers, must comply with the company's password policy.

6. Authentication

For bmotik employees the only authorized authentication is through the google IAM assigned by the company. Authentication mechanisms, including strong passwords and MFA, are required for remote access.

In all cases, for related access, passwords must be unique, complex and changed regularly.

7. Encryption

All data transmitted over remote connections must be encrypted. This includes the use of SSL/TLS for web-based connections and IPsec for VPN.

8. Monitoring and Auditing

Bmotik will monitor remote access activities to identify and address any unauthorized or suspicious activity. Periodic audits will be conducted to ensure compliance with this policy.

9. Guidelines for Remote Work

- Remote employees are expected to maintain regular working hours and be accessible during standard business hours.
- Communication tools, project management tools and collaboration platforms must be used consistently and securely for effective remote collaboration.

9.1 Remote Access Point Configuration

Remote access points used by bmotik employees or collaborators when connecting to assets or associated services, including those used for Wi-Fi networks, must be configured with the following minimum specifications:

- Use Advanced Encryption Standard (AES) for encryption.

- Wi-Fi Protected Access 2 (WPA2) for securing the wireless network.

In no case should you access the assets or associated services while connected to public or unsecured networks.

9.2 Device Security

Devices used for remote access must comply with enterprise security standards, including operating system updates and compliance with security settings.

All devices used for remote access must have the latest operating system updates and security patches provided by the manufacturer installed.

Devices should be protected by strong, unique passwords and/or biometric systems. Using MFA for access involving sensitive data.

Devices should be configured to activate sleep or auto-lock functions after periods of inactivity longer than 30 minutes to protect data.

Users must immediately report the loss or theft of devices used for remote access to the IT and security departments. Appropriate incident response procedures shall be followed.

The company reserves the right to perform periodic audits on devices used for remote access to ensure compliance with security policies.

10. Incident Response

In the event of a security incident related to remote access, employees must report it immediately. Bmotik will follow an incident response plan to investigate and mitigate security breaches. This plan can be found in clause 6 of the information security policies of bmotik.

11. Compliance

This Remote Access Policy aligns with applicable laws, regulations and industry standards governing data protection and privacy.

12. Training and Awareness

Employees will receive ongoing training and awareness programs to keep them informed of best safety practices and policy compliance.

13. Policy Review and Updates

This policy will be reviewed annually and updated as necessary to ensure its relevance and effectiveness.

Last update: January 22, 2024

Solutions

Products

Additional

Blog

Tips, news and more

Hardware

List of equipment recommended by bmotik (sale and rental) for events, immersive experiences, etc.

Referral Program

Do you know someone who organizes events or who could benefit from Bmotik's platforms? Refer them to us and win amazing incentives!

Developers

Consult our API to integrate your own digital assets with our registration and logistics App.

quiscos de auto impresion bmotik. Sistema de registro para eventos

Learn more about the EventTech industry and the cutting-edge technologies that are increasingly in demand at events of all kinds.

SCHEDULE A DEMO