Internal Security Policies and Procedures

Security Policies

1. Employees must use 2FA for all logins for which it's available. Where Duo is not available, employees must use stand-alone 2FA. Whenever possible, the use of 2FA is enforced.
2. Employees must use complex passwords that are at least 8 characters long and contain uppercase letters, lowercase letters and at least one symbol.
3. Employees must use the company password manager to store any company-related passwords that are not in IT Glue. Do not store company-related passwords in a personal password manager or anywhere else. 
4. Employees must stay current on monthly cyber security training. 

Todyl SASE (Secure Access Service Edge):

SASE is a cloud-based security framework that combines network and security services—such as secure web gateways, firewalls, and zero-trust access—into a single platform. It helps protect users and data no matter where they’re located, ensuring secure access to company resources.

We use Todyl SASE to connect to critical services. Through IP blocking, users are prevented from connecting to the following services unless the Todyl SGN network client is running on the computer from which the user is attempting access:

  1. Office 365
  2. Autotask
  3. Dropbox
  4. Company KB (kb.geekgirlsit.com)
  5. IT Glue
  6. ScreenConnect AD User Login

If you intend to access any of these websites from your mobile device, please request enrollment of your mobile device in Todyl from Matthew or you won't have access.

We use Single Sign-On (SSO) for these services, so once you are connected to one, you can connect to the others in the same browser session without logging in again. We also use SSO for TimeZest.

Duo 2FA

We use Duo for two-factor authentication (2FA). Once you are enrolled by an admin, you will receive an invitation to install the Duo app on your mobile device. You will need to install the Duo app on your mobile device in order to access these services:

  1. Office 365
  2. Autotask
  3. Datto RMM
  4. Dropbox
  5. Company KB (kb.geekgirlsit.com)
  6. IT Glue
  7. Continuum (RMM) Portal (ITS Portal) 
  8. ScreenConnect AD User Login

Keeper Security Password Management


We use Keeper Security MSP for centralized Password Management. (We also resell this to customers from the Keeper MSP dashboard.)