Firstly, pre-employment screening is conducted prior to hiring new employees, background checks are using recruitment at Coassemble.

All Coassemble employees undergo an induction module outlining best practices for information security, including (but not limited to):

Regarding access management systems, each employee has a username and password (for Google Office) which functions as an access management system for most business applications, infrastructure and services. We utilize 2 Factor Authentication on all Business platforms that hold company data and have clear signed policies and risk mitigation strategies in place Company directors control the access management system, ensuring that employees only have access only to appropriate level for systems required in day-to-day operations (for example, Mercurial).

All login attempts are recorded, including SSH access, to managed infrastructure to ensure we have a log of any actions performed by Coassemble employees.

Additionally, using our Coassemble access management system, employee permissions can be easily revoked at short-notice. This is also agreed upon with any remote staff and is indicated in Staff Policies signed by all staff.

Ensuring the security of external staff

All Coassemble contractors undergo an induction module outlining best practices for information security, including (but not limited to):

Regarding access management systems, sub-contractors are not granted permissions via our access management system.