Security by design
Security is considered during design, development, provider selection and operational processes.
Security principles
- Data minimisation.
- Least privilege.
- Access control.
- Secure configuration.
- Monitoring and incident management.
- Continuous improvement.
Access and least privilege
Access to information and systems should be limited according to operational necessity and role.
Third-party providers
Providers are selected with consideration for security, privacy, reliability and applicable contractual safeguards.
Incident response
Potential incidents are assessed according to their nature, severity and possible effect on users, partners and systems.
No absolute guarantee
No connected system can be guaranteed to be completely risk-free. FL360 applies proportionate safeguards and continuously improves them.