SECURITY PROGRAM

Data Protection & Security

Access Control

Access to Amazon information and internal applications is limited to authorized personnel according to job responsibilities and least-privilege principles.

Authentication

Company systems use strong passwords and multi-factor authentication where supported. Credentials and refresh tokens are not embedded in public source code.

Encryption

Information is transmitted using HTTPS/TLS. Sensitive credentials are stored separately from application code.

Endpoint and Network Security

Company-managed devices use operating-system updates, anti-malware protection, firewall controls, restricted permissions and secure backups.

Incident Response

Suspected security incidents are investigated, contained and documented. Incidents involving Amazon information are escalated and reported as required.

Contact

focreedy@focreedy.com