Incident Response Policy — Tarosyn
This policy describes how Tarosyn detects, contains, investigates, and communicates security incidents, including our breach notification commitment.
Detection & Triage
Tarosyn monitors infrastructure and application logs continuously. Anomalous activity triggers automated alerts reviewed by the engineering team within 1 hour during business hours and within 4 hours at other times.
Containment
On confirmation of an incident, affected systems are isolated, credentials rotated, and unauthorized access revoked immediately. The scope of the incident is then assessed before remediation begins.
Notification
- Users: Affected users are notified by email within 72 hours of a confirmed breach that exposes personal data, in line with GDPR Article 33 requirements.
- Authorities: Relevant supervisory authorities are notified within 72 hours where required by law.
- Public: Material incidents are disclosed on the Status page once containment is confirmed.
Post-Incident
Each incident is followed by a root-cause analysis and remediation report. Key findings are used to strengthen controls and update our Information Security Policy.