Laughing Rock Technology (LRT) understands the importance of client data and takes steps to secure and protect it while under our management. Our policies regarding data ownership and protection are focused on providing clients with confidence that their data remains secure.
Organizational Controls
LRT personnel are expected to be competent, thorough, helpful, and courteous stewards of customer information that is stored on LRT systems or managed by LRT. LRT has established a number of measures to ensure that customers and their data are treated properly.
Privacy and Control Mechanisms
LRT only uses the information provided by our customers to deliver the products and services purchased. All customer data is managed in compliance with our Privacy Policy.
LRT Employees
All employees are required to accept and acknowledge LRT’s policies for nondisclosure and protection of LRT and third-party confidential information, including acceptable use of confidential information. In the course of assisting customers with their technology solutions, LRT support technicians understand that they may come into contact with customer communications and/or customer data and they must keep this information confidential.
Training
Technicians who support LRT products are prepared in a variety of ways. New tier 1 technicians receive training with tier 2 and tier 3 technicians and the operations management team. New support technicians also spend a period of time as an understudy to an established technician for each LRT service and product. Product knowledge is tested, and all technicians are expected to meet a pre-defined standard before supporting customers directly.
All LRT support technicians receive ongoing, product-specific training.
When an employee or contractor leaves LRT, a formal process is in place to immediately revoke physical and network access to LRT facilities and resources.
Security
LRT has established security measures to protect their localized network and cloud based systems. These security measures include but are not limited to: secured network access, secured physical access, active security and data loss prevention technologies, password rotation policies, and secured data transfer policies.
Separation of client data
LRT takes strong measures to protect customer data from inappropriate use or loss and to prevent clients from gaining access to one another’s data.
Ensuring Control and Security of Client Data
LRT uses encryption to safeguard client data and help maintain control over it.
When client data moves over a network, LRT uses industry- standard secure transport protocols between user devices and external client networks.
When hard media, previously used for storage a hardware failure, it is securely erased or destroyed. All of the data on the drive is completely overwritten to ensure that the data cannot be recovered by any means.
Security Incident Notification
If LRT becomes aware of any unlawful access to any Customer Data stored on LRT’s equipment or in LRT’s facilities that results in the loss, disclosure or alteration of Customer Data (each a “Security Incident”), LRT will promptly (1) notify Customer of the Security Incident; (2) investigate the Security Incident; and (3) take reasonable steps to mitigate the effects of, and minimize any damage resulting from, the Security Incident.
Security Incidents Notification(s) will be delivered to one or more Customer administrator by a means selected by LRT, including via email. It is Customer’s sole responsibility to ensure that its administrators maintain accurate contact information with LRT. LRT’s obligation to report or respond to a Security Incident under this section is not an acknowledgement by LRT of any fault or liability with respect to a Security Incident.
Customer must notify LRT promptly of any possible misuse of its accounts or authentication credentials or any security incident related to any service.
