Introduction

At Direct Global Logistics, the security of our website, services, and customer data is a top priority. This Security Policy outlines the measures we take to ensure the confidentiality, integrity, and availability of information processed through our platform. By using our services, you agree to the practices described in this policy.

Objectives of the Security Policy

Our security policy is built around three key principles:

1. Confidentiality: Ensuring that sensitive information, such as personal data and payment details, is accessible only to authorized individuals.

2. Integrity: Protecting data from unauthorized modifications to maintain its accuracy and reliability.

3. Availability: Guaranteeing that our website and services remain operational and accessible to users at all times.

Key Security Measures

1. Data Encryption

• All communications between the user’s device and our website are encrypted using the latest version of the HTTPS protocol (TLS).

• Sensitive information, such as login credentials and payment details, is securely transmitted and stored.

2. Access Control

• Administrative access to our systems is restricted to authorized personnel only.

• We apply the principle of “least privilege,” ensuring that users only have access to the resources necessary for their tasks.

• Multi-factor authentication (MFA) is implemented for administrative accounts to enhance security.

3. Website Protection

• Regular vulnerability scans are conducted using tools like OWASP ZAP to identify potential threats.

• The website is protected against common cyberattacks, including SQL injections, cross-site scripting (XSS), and URL manipulations.

• A Web Application Firewall (WAF) is in place to detect and block malicious traffic.

4. User Authentication

• Strong password policies are enforced for all user accounts.

• Passwords are stored in encrypted formats using industry-standard hashing algorithms.

• Users are encouraged to enable two-factor authentication (2FA) for additional security.

5. Monitoring and Incident Response

• Our systems are monitored 24/7 for suspicious activity or unauthorized access attempts.

• In case of a data breach or security incident, we follow a predefined incident response plan to contain, investigate, and resolve the issue promptly.

• Affected users will be notified immediately if their data is compromised.

6. Software Updates

• All software components used on our website are regularly updated to address known vulnerabilities.

• We adhere to best practices outlined by organizations like OWASP and ANSSI.

7. Data Backup

• Regular backups of critical data are performed to ensure recovery in case of hardware failure or cyberattacks.

• Backups are encrypted and stored in secure locations.

User Responsibilities

To enhance security, we encourage users to:

• Use strong, unique passwords for their accounts.

• Avoid sharing login credentials with others.

• Enable two-factor authentication (2FA) when available.

• Report any suspicious activity or potential vulnerabilities they encounter on our platform.

Compliance with Regulations

Direct Global Logistics complies with relevant international security standards and regulations, including:

• The General Data Protection Regulation (GDPR)

• Irish Data Protection Acts

• Recommendations from cybersecurity authorities such as OWASP and ENISA

Policy Updates

This Security Policy may be updated periodically to reflect changes in technology or regulatory requirements. The latest version will always be available on our website. Last updated: March 15, 2025.

Contact Information

For questions or concerns about this Security Policy or to report a security issue, please contact us at:

Email: security@direct-global-logistics.com
Phone: [Insert phone number]

Our team is committed to ensuring your data remains secure while using our services.