At IT Weapons we endeavour to be responsible and transparent corporate citizens.
If you have any questions or concerns please let us know: policies@itweapons.com
Privacy Policy
IT Weapons believes privacy is a central issue of Internet use. We work hard to keep reasonable measures in place to assure the anonymity of visitors to the IT Weapons web site(s). IT Weapons feels as part of responsible disclosure that web site visitors and users be made aware of what information is being logged and recorded.
To maintain and improve site quality and integrity, IP addresses are logged (the Internet Protocol addresses of computers). This log is a standard method of reporting to statistically review and further develop our web site experience. We also log the type of browser and operating system you are using. These detailed analytics enable our web development team to develop the IT Weapons site to be rendered as intended when designed in all top level browsers and operating systems. We do not link IP addresses to personally identifiable information.
Like many other commercial web sites, the IT Weapons’ web site may use a standard technology called a “cookie” to collect information about how you use the site. Cookies were originally designed to help a web site distinguish a user’s browser as a previous visitor and thus save and remember any preferences that may have been set while the user was browsing the site. A cookie is a small string of text that a web site can send to your browser. A cookie cannot retrieve any other data from your hard drive, pass on computer viruses, or capture your e-mail address. Currently, web sites use cookies to enhance the user’s visit; in general, cookies can securely store a user’s ID and password, personalize home pages, identify which parts of a site have been visited or keep track of selections in a “shopping cart.” It is possible to set your browser to inform you when a cookie is being stored – this way, you have the opportunity to decide whether to accept or decline the cookie.
At times we may request that you voluntarily supply us with personal information, such as your e-mail address, for purposes such as corresponding with us, registering at a site, participating in an online survey or signing up for an event.
Information Use
When you supply IT Weapons with your personal information, we may use the information to learn more about you so that we can develop better methods of communication and solution offerings or use the information to inform you about new products, services and offers that may be of interest to you. AT NO TIME will IT Weapons sell your personal information, or use it in any other way, not mentioned here.
Declining E-mail Offers
Although most customers tell us they appreciate receiving notice of these opportunities, we recognize the importance of providing you with choices. At any time after receiving an e-mail offer from IT Weapons, you may request to discontinue receiving these offers. All e-mail offers that you receive from IT Weapons will inform you of how to decline further e-mail offers in the bottom footer, or as noted by the “Unsubscribe” text link. Our partners may have different policies, in this case IT Weapons can not be held responsible.
Privacy Policy Changes
IT Weapons privacy statement is subject to change at any time and without notice.
Accessibility Policy
Accessibility Standards for Customer Service as Required by the Accessibility for Ontarians with Disabilities Act (AODA 2005)
The following policy, practices and procedures have been established by IT Weapons Inc. to govern the provision of its services in accordance with the Accessibility for Ontarians with Disabilities Act, 2005 and Regulation 429/07, “Accessibility Standards for Customer Service.”
-
Our mission
The mission of IT Weapons Inc. is to ensure that its policies, practices and procedures for the provision of its services are consistent with the principles outlined in the Accessibility Standards for Customer Service to effectively provide services to people with disabilities.
-
Our commitment
In fulfilling our mission, IT Weapons Inc. strives at all times to provide its goods and services in a way that respects the dignity and independence of people with disabilities. We are also committed to giving people with disabilities the same opportunity to access our goods and services and allowing them to benefit from the same services, in the same place and in a similar way as other customers.
-
Providing goods and services to people with disabilities
IT Weapons Inc. is committed to excellence in serving all customers including people with disabilities and we will carry out our functions and responsibilities in the following areas:
-
Communication
When communicating with a person with a disability, IT Weapons Inc. will communicate in a manner that takes into account the person’s disability.
-
Telephone services
IT Weapons Inc. is committed to providing fully accessible telephone service to our customers. We will train staff to communicate with customers over the telephone in clear and plain language and to speak clearly and slowly. We will offer to communicate with customers by email, if telephone communication is not suitable to their communication needs or is not available.
-
Assistive devices
IT Weapons Inc. recognizes that some individuals with disabilities use assistive devices in order to access our services. IT Weapons Inc. will permit these individuals to use their assistive devices to obtain, use or benefit from its services.Should an individual with a disability be unable to access IT Weapons Inc. services through the use of their own personal assistive device, IT Weapons Inc. will determine if service is inaccessible, based upon the individual requirements, assess service delivery and potential service options to meet the needs of the individual.
-
Billing
IT Weapons Inc. is committed to providing accessible invoices to all of our customers. For this reason, invoices will be provided in the following formats upon request: hard copy, or PDF format.
The company will answer any questions customers may have about the content of the invoice in person, by telephone or email.
-
-
Service Animals
IT Weapons Inc. recognizes that some individuals with disabilities may require the use of guide dogs or other service animals in order to access services. Persons with disabilities who are accompanied by a guide dog or other service animal will be permitted to enter the parts of our premises that are common areas and to keep the animal with them, unless the animal is otherwise excluded by law from the premises.
-
Support Persons
The Board further recognizes that some individuals with disabilities rely on support persons for assistance while accessing services. A person with a disability who is accompanied by a support person will be allowed to enter IT Weapons Inc.’s premises together with the support person and will not be prevented from having access to the support person while on our premises.
-
-
Staff Training
IT Weapons Inc. will provide training to applicable staff about the provision of services to persons with disabilities and all those who are involved in the development and approvals of customer service policies, practices and procedures.
Applicable staff will be trained on policies, practices and procedures that affect the way services are provided to people with disabilities. Staff will also be trained on an ongoing basis when changes are made to these policies, practices and procedures. New staff will be trained upon the completion of the three month probationary period. Training will include the following:-
- The purposes of the Accessibility for Ontarians with Disabilities Act, 2005 and the requirements of the customer service standard
- How to interact and communicate with people with various types of disabilities
- How to interact with people with disabilities who use an assistive device or require the assistance of a service animal or a support person
-
-
Feedback Process
The ultimate goal of IT Weapons Inc. is to meet and surpass customer expectations while serving persons with disabilities. Comments on our services regarding how well those expectations are being met are welcome and appreciated.
Feedback regarding the way IT Weapons Inc. provides goods and services to people with disabilities can be made by email, verbally, or in writing. plaints will be addressed according to complaint policy already established in our company’s complaint management procedures. -
Modifications to this or other policies
We are committed to developing customer service policies that respect and promote the dignity and independence of people with disabilities. Therefore, no changes will be made to this policy before considering the impact on people with disabilities.
Any policy of IT Weapons Inc. that does not respect and promote the dignity and independence of people with disabilities will be modified or removed. -
Questions about this policy
This policy exists to achieve service excellence to customers with disabilities. If anyone has a question about the policy, or if the purpose of a policy is not understood, an explanation should be provided by, or referred to the Human Resources Department.
-
Copies of this Policy
IT Weapons Inc. recognizes that persons with disabilities use methods other than the standard print to access information. If IT Weapons Inc. is required to give a copy of this policy to a person with a disability, IT Weapons Inc. will provide the policy, or the information contained in the policy, in a format that takes account the person’s disability.
Alternatively, IT Weapons Inc. and the person with a disability may agree on an alternate format for the document or information.
Workplace Violence Policy
The management of IT Weapons Inc. is committed to the prevention of workplace violence and is ultimately responsible for worker health and safety. We will take whatever steps are reasonable to protect our workers from workplace violence from all sources.
Workplace violence is defined as:
- the exercise of physical force by a person against a worker, in a workplace, that causes or could cause physical injury to the worker;
- an attempt to exercise physical force against a worker, in a workplace, that could cause physical injury to the worker;
- a statement or behaviour that is reasonable for a worker to interpret as a threat to exercise physical force against the worker, in a workplace, that could cause physical injury to the worker.
This definition applies to the legal requirements under the OHSA. Types of workplace violence include hitting, pushing, physical assault, sexual assault, stalking, criminal harassment, robbery and threats.
Domestic violence becomes a form of workplace violence when it occurs in the workplace and is interpreted in a manner consistent with the definition of workplace violence. Domestic violence is a pattern of behaviour used by one person to gain power and control over another with whom he/she has or has had an intimate relationship. This pattern of behaviour may include physical violence; sexual, emotional and psychological intimidation; verbal abuse; stalking; and using electronic devices to harass and control.
Violent behavior in the workplace is unacceptable from anyone. This policy applies to employees, visitors, clients, delivery persons and sub-contractors. Workplace violence can come from many sources.
It is important to consider the risk from all potential sources so you can implement the appropriate prevention controls.
Sources of workplace violence can be classified into four types:
- Type I (external – no relationship to employer): Committed by a perpetrator who has no relationship to the workplace (e.g. stranger).
- Type II (client or customer): The perpetrator is a client, or customer at the workplace.
- Type III (worker-to-worker): The perpetrator (boss, co-worker, subordinate) is an employee or past employee of the workplace.
- Type IV (domestic violence): The perpetrator (family member, former family or friends) usually has a relationship with an employee, e.g. domestic violence in the workplace.
Everyone is expected to uphold this policy and to work together to prevent workplace violence. There is a workplace violence program that implements this policy. It includes measures and procedures to protect workers from workplace violence, a means of summoning immediate assistance and a process for workers to report incidents, or raise concerns.
IT Weapons Inc., as the employer, will ensure this policy and the supporting program are implemented and maintained and that all workers and supervisors have the appropriate information and instruction to protect them from violence in the workplace.
Supervisors will adhere to this policy and the supporting program. Supervisors are responsible for ensuring that measures and procedures are followed by workers and that workers have the information they need to protect themselves.
Every worker must work in compliance with this policy and the supporting program. All workers are encouraged to raise any concerns about workplace violence and to report any violent incidents or threats. Employees may report incidents in several ways. They may wish to discuss the matter in person or by phone with their manager, another manager at IT Weapons Inc., a member of the Human Resource Team or a member of the Occupational Health and Safety committee who will assist them in filling out an incident report. They may wish to alternatively fill out the incident report and send a PDF copy or printed copy to one of the above mentioned persons. There will be no negative consequences for reports made in good faith.
Management pledges to investigate and deal with all incidents and complaints of workplace violence in a fair and timely manner, respecting the privacy of all concerned as much as possible. The workplace harassment policy should be consulted whenever there are concerns about harassment in the workplace.
AODA Multi-Year Plan
IT Weapons Inc. is committed to providing an accessible organization for persons with disabilities in accordance with the Accessibility for Ontarians with Disabilities Act (AODA) that allows for inclusion for customers, employees, and the public.
As IT Weapons Inc. strives to move towards providing a business that is barrier free, we have prepared a multi-year accessibility plan that addresses the relevant standards and requirements of the AODA that serves as the framework for the plan. IT Weapons is in full compliance with the current standards schedule as stated in the AODA and is on track to meet target dates with respect to future standards set to take effect between 2015 and 2021.
Our Plan can be made available in alternative formats upon request.
Security at IT Weapons
Service organizations or service providers must demonstrate that they have adequate controls and safeguards when they host or process data belonging to their customers. IT Weapons has been audited under the Statements on Standards for Attestation Engagements (SSAE) No. 18, Reporting on Controls at a Service Organization, since 2010.
IT Weapons currently maintains a SOC2 Type 2 report. The SOC 2 Type 2 is an in-depth, security focused, audit that attests to the controls we have in place governing the security and availability of customer systems and data. Our controls map to Trust Service Principles (TSPs) established by the American Institute of Certified Public Accountants (AICPA).
Human Resources
Prior to joining IT Weapons, and periodically after that, criminal background checks are performed. All employees are bound by confidentiality agreements which are binding during and after employment.
All employees receive security awareness training upon hiring and complete ongoing monthly training.
Physical Security
IT Weapons’ private cloud is hosted within two Canadian data centres that provide 24/7 infrastructure management and high availability.
Video Surveillance and Access Monitoring
- Building access points monitored 24/7
- Identity management is used to control entry to all ITW Facilities
- Security guard on site 24/7
- Video monitoring and image capture systems both inside and outside all ITW Facilities
Access
- Approved employees access data centre facilities via electronic access systems
- All visitors must sign-in, provide picture identification and be accompanied by an ITW Staff member that has the appropriate access to the facility
Environmental Controls
- Redundant backup power generators, redundant UPS power, multiple HVAC units
- Advanced fire detection systems, double lock pre-action fire suppression system, localized dry-pipe two stage water system
- Raised or dual layer interstitial flooring
Information Security
Network Security
- Redundant advanced firewalls providing dynamic anti-virus and anti-spam protection, Intrusion prevention, application control and URL filtering
- Proactive 24/7 monitoring
- Multiple carrier fiber-based delivery Access Control, diverse fiber entry points to the building
Endpoint Protection
- The use of advance endpoint protection is required on all systems in the environment
Access Control
- Principles of least privilege and segregation of duties are applied
- Multi-factor authentication required for access to critical systems and remote access
- IT Weapons’ employees access IT Weapons systems using individual credentials
- Administrative rights are provided using a separate account per employee
- Onboarding and offboarding processes are in place to ensure only required access is provided, and that all access is removed in a timely fashion when required
Operational Controls
Incident Management
- IT Weapons maintains an incident management program that ensures incidents, including critical security incidents, are responded to appropriately, minimizing impact and downtime
Patch and Vulnerability Management
- To ensure systems are at the current, secure operating system level, IT Weapons Windows systems are patched monthly
- An ongoing vulnerability management program is in place, covering IT Weapons internal environment, to ensure vulnerabilities are identified, analyzed, prioritized, mitigated, and remediated
Change Control
- All modifications to IT Weapons production systems fall under the Change Management policy, and adhere to ITIL best practices for change management
Risk Management
- IT Weapons risk management framework includes established processes to identify and consider the impacts of relevant risks.
- Annual risk assessments are performed, with tracking, periodic reporting and review ongoing
Backups and Disaster Recovery
- IT Weapons Data Protection Services are used to backup all IT Weapons’ systems in our private cloud. Nightly backups are performed and sent to our secondary facility to house our off-site copies of all data.
- Disaster recovery plans are maintained to ensure quick recovery of critical IT Weapons systems, and plans are tested annually