SECURITY
POLICY

To ensure BellKahn remains reliable, trusted, and secure in a dynamic environment marked by evolving threats, disruptions, and cyber risks.

This Security Policy reaffirms our dedication to safeguarding all information and assets under our ownership or responsibility. Our goal is to maintain a secure, trusted environment for BellKahn, our employees, and our customers.

• •Implement a risk-based approach to information security
• •Establish and maintain a secure information infrastructure
• •Protect data confidentiality, integrity, and availability
• •Meet applicable legal, regulatory, and contractual requirements
• •Ensure business continuity and resilience

• •Grant access based on least privilege and business need
• •Enforce strong authentication and authorization mechanisms
• •Regularly review and update access permissions

• •Restrict access to data centers and sensitive areas
• •Deploy surveillance, alarms, and physical barriers
• •Protect equipment from environmental threats

• •Classify and label data appropriately
• •Encrypt sensitive data at rest and in transit
• •Secure data disposal mechanisms

• •Maintain a structured incident response plan
• •Detect, report, and respond to security incidents promptly
• •Continuously improve processes based on incident analysis

• •Conduct regular training on security best practices
• •Promote a security-first culture across the organization
• •Include security responsibilities in job roles

• •Regularly audit systems and policies for compliance
• •Adopt international security standards (e.g. ISO/IEC 27001)
• •Corrective actions based on audit outcomes

For questions regarding this policy, contact:

• •Email: [email protected]

(This Security Policy is effective as of July 2025 and may be updated periodically.)