Security overview
This page summarises the security approach for Guaglio.
Update needed Replace placeholders to match your actual controls and evidence.
- Security contact email
- Backups and retention approach
- Monitoring and incident response approach
Access control
- Least privilege access for staff and systems
- Separate accounts and permissions for app users
- Audit logs for key actions [insert details]
Data protection
- Encrypted connections to the site and app
- Restricted access to production systems
- Data minimisation where practical
Application security
- Input validation and safe defaults
- Dependency updates and vulnerability fixes
- Testing and review before production changes [insert details]
Infrastructure
- Regular patching of the underlying operating system
- Backups and restore testing [insert details]
- Monitoring and alerting [insert details]
Incident response
If we suspect an incident affecting customer data, we investigate promptly and notify affected customers where required by law and contract.
Contact
Security contact [insert security email]