Goelett commits to set of Technical and Operational measures for information security among these measures are:
- Tracking changes in all production databases, logging application errors, monitoring performance of the application, to be able to fulfill incident response plan,
- Identifying, managing, mitigating and or remediating vulnerabilities by: patch management, anti0virus/anti-malware protection, vulnerability scanning and periodic penetration tests,
- Encrypting data when stored and transit,
- Securing networks by use of firewalls and Web Application Firewall, remote access control, network segmentation, detection and automated response to unauthorized or malicious network activity, automated vulnerability scans, periodic penetration tests, encryption,
- Proper media handling, forcing encryption, secure data removal and equipment disposal,
- Protecting workplace by monitoring and automated patching of end-user devices, anti-virus/anti-malware software,
- User access management, with proper controls for requesting, granting, revoking, and revalidating user access and proper implementation of role based system.