Cyber security policy template

This cyber security policy template can be used and customized for your company’s specific needs and requirements. Use this Cyber security policy template to set up your company's HR Policies and Procedures. This Cyber security policy template can also help you to stay compliant with specific rules and regulations.

Hire with remarkable speed and efficiency
Applicant Tracking, Recruitment Marketing, Sourcing and Talent CRM software are powerful alone, but unstoppable when used together!
Request a demo

Cyber security policy

What is the purpose of cyber security policy?

Cyber crimes are becoming more and more common across the world, making cyber security of of the top priorities for everyone. Consequently, there has been a rapid increase in various cyber laws. 

In order to protect your company from numerous cyber crimes, you should have a clear and organized cyber security company policy. 

Example of Cyber security policy template

This cyber security policy is for our employees, vendors and partners to refer to when they need advice and guidelines related to cyber law and cyber crime. Having this cyber secruity policy we are trying to protect [company name]'s data and technology infrastructure. 

This policy applies to all of [company name]'s employees, contractors, volunteers, vendors and anyone else who may have any type of access to [company name]'s systems, software and hardware. 

Examples of Confidential Data

Some of the common examples of confidential data include: 

  • Classified financial information 
  • Customer data
  • Data about partners
  • Data about vendors
  • Patents, formulas or new technologies

Device Security- Using personal devices

Logging in to any of company's accounts for personal devices such as mobile phones, tablets or laptops, can put our company's data at risk. [company name] does not recommend accessing any company's data from personal devices. If so is inevitable, employees are obligated to keep their devices in a safe place, not exposed to anyone else. 

We recommend employees to follow these best practices:

  • Keep all electronic devices' password secured and protected 
  • Logging into company's accounts should be done only through safe networks 
  • Install security updates on a regular basis
  • Upgrade antivirus software on a regular basis
  • Don't ever leave your devices unprotected and exposed
  • Lock your computers when leaving the desk

Email Security

Emails can carry scams or malevolent software (for example worms, bugs etc.). In order to avoid virus infection or data theft, our policy is always to inform employees to: 

  • Abstain from opening attachments or clicking any links in the situations when its content is not well explained
  • Make sure to always check email addresses and names of senders. 
  • Search for inconsistencies  
  • Be careful with clickbait titles (for example offering prizes, advice, etc.)

In case that an employee is not sure if the email received, or any type of data is safe, they can always contact our IT specialist. 

Managing Passwords

To ensure avoiding that your company account password gets hacked, use these best practices for setting up passwords:

  • At least 8 characters (must contain capital and lower-case letters, numbers and symbols) 
  • Do not write down password and leave it unprotected  
  • Do not exchange credentials when not requested or approved by supervisor
  • Change passwords every [x] month

Transferring Data

 Data transfer is one of the most common ways cybercrimes happen. Follow these best practices when transferring data: 

  • Avoid transferring personal data such as customer and employee confidential data
  • Adhere to personal data protection law
  • Data can only be shared over company's network

Working Remotely 

Even when working remotely, all the cybersecurity policies and procedures must be followed. 

Disciplinary Action 

When best practices and company's policy are not followed, disciplinary actions take place.

Some of the examples of disciplinary actions include:

  • In case of breaches that are intentional or repeated, and are harmful to our company, [company name] will take serious actions including termination
  • Depending on how serious the breach is, there will be [x number] of warnings
  • Each incident will be evaluated
  • Each case and incidence will be assessed on a case-by-case basis
  • Everyone who disregards company's policies will face progressive discipline

More examples of company's policies and procedures

Didn't find the policy you are looking for? Check out the list of all of our company policies and procedures

Do you use a modern recruitment software? If not, you're missing out. See how your life can be easier. Start your free 14-day TalentLyft trial.

Start my free trial