<aside>
๐ป
PHENOM ELITE โ CYBERSECURITY POLICY ยท Effective 2026 ยท Applies to all employees, contractors, consultants, and third-party affiliates
</aside>
๐ฏ Purpose
Phenom Elite is committed to protecting the confidentiality, integrity, and availability of all company information and systems. This policy outlines the cybersecurity standards every team member must follow to keep our data, tools, and operations secure.
๐ค Responsibilities
<aside>
๐ข
Leadership (Nathan Dorton โ CEO)
- Oversees implementation and enforcement of this policy
- Conducts regular reviews and updates
- Acts as the primary IT contact for reporting security incidents
</aside>
<aside>
๐ฅ
All Team Members
- Follow all cybersecurity policies and procedures
- Report suspicious activity or security incidents to Nathan immediately
- Store all company data within Google services โ never on personal devices
- Participate in cybersecurity training when requested
</aside>
๐ Access Control
<aside>
๐
Passwords & MFA
All team members must use strong, unique passwords and enable multi-factor authentication (MFA) on all company accounts โ Google, HubSpot, Shopify, and Signal. Never share login credentials with anyone.
</aside>
- Access to systems and data is granted on a least-privilege basis โ you get access to what you need, nothing more
- User accounts must be created, managed, and deactivated per company procedures
- When a team member leaves, access is revoked immediately
๐๏ธ Data Protection
- All company data must be stored in Google services (Google Drive, Google Workspace) โ not on personal devices or local hard drives
- Sensitive data must be encrypted in transit and at rest within Google's infrastructure
- Regular backups of critical data are performed and tested via Google services
- All data should be classified by sensitivity and handled accordingly