I'm back writing a college task for my Network and Information Security class. This time the task is to write some policy strategies based on all the threats I already mention in the previous post.
Read it here Company information security analysis
.
I picked is a local Indonesian hosting company, namely Rumahweb. Rumahweb did a great job in making a policy. I will write what I understand.
General Agreement
Consists of several point of agreement between the company and the customer that is
- Subject of Agreement
- Validity of Agreement
- Service Agreement
- Service Policy
- Customer Rights and Obligations
- Customer Support
- Agreement Changes
- Violations and Sanctions
- Disclaimer
- Dispute resolution
There is a lot of stuff, you can read more here
Domain Service Agreement
Agreement that focused on the domain services, consists of
- Service Definition
- Customer Rights and Obligations
- Rumahweb's Rights and Responsibilities
- Deletion and Termination of Service
- Uniform Domain Name Dispute Resolution Policy (“UDRP”)
- Costs
Read more about it here
Web Hosting Service Agreement
The main agreement between Rumahweb and the customer for the main service which is a web hosting service. Overall it is similar to previous agreement with the addition of:
- Service Guarantee
- Claims for Service Warranty Failure
Privacy Policy
Next we will be looking at the privacy policy. It is covering what data they collected, how will they use the data, third-party authentication, data confidentiality limits and the data security.
What's written in the data security policy is that Rumahweb Indonesia tries its best to protect customers' personal/company data from parties who are not authorised to obtain such data, except to do the things mentioned in Data Use.
That's so simple policy I'd say. Read the policy here
Acceptable Use Policy (AUP)
Acceptable Usage Policy is a policy on the use of Rumahweb Indonesia facilities which are included in the services used by customers.
It covers:
- Website content
- Hosting account usage
- E-mail facility usage
- Hosting resource usage
- VPS/Cloud Server service usage
- Titan Email/Flockmail service usage
- Alibaba Cloud VPS service usage
- Sanctions Against Violations
- Handling Violations/Abuses
- Contact Abuse
- Abuse Report Tracking
Read full here
Service Level Agreement (SLA)
The last thing is the agreement in the level of service, it requires customer to understand the other policies first.
The inside is consists of:
- Internet Connectivity Uptime Guarantee
- Server Uptime Guarantee
- Data Security Guarantee
- Claim for Warranty Failure
- Approval of Premium WordPress Plugins and Themes
- Alibaba Cloud VPS Service Definition
- Alibaba Cloud VPS Service Downtime Guarantee
- Alibaba Cloud VPS Downtime Guarantee Failure Claim Process
- Disclaimer
- Amount of Compensation for Service Failure
- Tax Collection
- Billing and Payment
- Refund Policy
Read full story here
Wrap-up
Well, I know it's kind of lazy writing that just write the sub-heading of the content. At the very least you learn about policy of a hosting provider so you could prepare for it in case you want to open one. Thanks.
Top comments (0)