SECURITY POLICIES

Security commitments to patrons and governing authorities are documented and communicated in Service Level Agreements (SLAs) and other customer agreements, as well as in the description of the service offering provided online. 

Security commitments are standardized and include, but are not limited to, the following:

‍

• Security principles within the fundamental designs of the Mojo platform that are designed to permit system users to access the information they need based on their role in the system while restricting them from accessing information not needed for their role.
  ‍
• Use of encryption technologies to protect patron/ customer data both at rest and in transit.

‍

Mojo establishes operational requirements that support the achievement of security commitments, relevant laws and regulations, and other system requirements. Such requirements are communicated in Mojo’s system policies and procedures, system architectural design documentation, and contracts with customers. 

Information security policies define an organization-wide approach to how systems and data are protected. These include policies around how the service is designed and developed, how the system is operated, how the internal business systems and networks are managed and how employees are hired and trained. In addition to these policies, standard operating procedures have been documented on how to carry out specific manual and automated processes required in the operation and development of the Mojo platform.

‍