DAO Group Security Commitments
Last Updated: 11/30/2022
- All Systems are monitored 24/7 for vulnerabilities and intrusions with automated alerting to a dedicated security team
- All alerts are triaged and escalated based on a standard security policy and reviewed for compliance
- Critical vulnerabilities identified will always be communicated clearly to customers potentially affected
- Customer data and production systems are secured by robust access controls and least privileged access for all roles
- Customer data is backed up nightly and stored in immutable offsite backup storage
- Firewall rules are reviewed on a regular basis to ensure minimum access to the network is enforced
- Security team meets on a weekly basis to define and track security objectives and continually improve system security
- Software security assessments are consistently completed throughout the software release cycle
- All changes to software follow a strict change management policy including complete documentation of every change, test cases and test completion, and standard source control practices.