/Templates/Company Wiki · Onboarding
Use this template
Company Wiki · Onboarding

Security Policy

High confidenceconceptedited by Cairni · 방금 · AIv1

Overview

All Lumen employees are required to follow these security rules from Day 1. Security training is a mandatory step in Onboarding — staging and production access is not granted until training is complete. Lumen Company Handbook & Onboarding.md

Rules at a Glance

cairni:stats {"items":[{"label":"2FA required on","value":"Every account","ref":"[[src:Lumen Company Handbook & Onboarding.md]]"},{"label":"Password manager","value":"1Password (mandatory)","ref":"[[src:Lumen Company Handbook & Onboarding.md]]"},{"label":"Approved data stores","value":"Google Workspace, Notion, GitHub","ref":"[[src:Lumen Company Handbook & Onboarding.md]]"},{"label":"Sick-device report channel","value":"#help-it (immediate)","ref":"[[src:Lumen Company Handbook & Onboarding.md]]"}]}```

---

## Requirements

### Authentication & Passwords

| Rule | Detail |
|---|---|
| Two-factor authentication (2FA) | Must be enabled on **every** company account |
| Password storage | Use **1Password** only — passwords must never be shared or stored elsewhere |
| Setup timing | Complete on Day 1 as part of account provisioning (see [[onboarding|Onboarding]]) |

[[src:Lumen Company Handbook & Onboarding.md]]

### Data Storage & Approved Tools

- Store company data **only** in approved tools: **Google Workspace**, **Notion**, and **GitHub**.
- **Never** upload company data to personal drives or unapproved cloud services.
- Confidential data (customer data, revenue figures) must be shared only in **private channels**.

[[src:Lumen Company Handbook & Onboarding.md]]

For the full list of tools and how to get access, see [[tools-and-access|Tools & Access]].

---

## Security Training

All new hires must complete the security & data-protection training video and **submit the confirmation form** on Day 1. Staging and production environment access is granted by IT only **after** security training completion and team-lead approval. [[src:Lumen Company Handbook & Onboarding.md]]

---

## Lost or Stolen Device

flowchart TD A([Device lost or stolen]):::red --> B[Report immediately to #help-it on Slack]:::blue B --> C[IT performs remote lock]:::teal C --> D([Device secured]):::green


[[src:Lumen Company Handbook & Onboarding.md]]

> **Act immediately.** Do not wait — report a lost laptop to **#help-it** the moment it is missing so IT can issue a remote lock.

---

## Approval Flow — Staging & Production Access

flowchart LR A([New hire joins]):::teal --> B[Complete security training video]:::yellow B --> C[Submit confirmation form]:::yellow C --> D{Training confirmed?} D -- No --> B D -- Yes --> E[Team lead approves access request]:::blue E --> F[IT grants staging / production access]:::green


[[src:Lumen Company Handbook & Onboarding.md]]

---

## Quick Reference

| Situation | Action |
|---|---|
| Missing account or access | Ask in **#help-it** (see also [[tools-and-access|Tools & Access]]) |
| Lost laptop | DM or post in **#help-it** immediately |
| Unsure which tool to use | Default to Google Workspace / Notion / GitHub; when in doubt, ask #help-it |
| Need to share confidential data | Use a **private** Slack channel only |

[[src:Lumen Company Handbook & Onboarding.md]]

---

## Related Pages

- [[onboarding|Onboarding]] — Day 1 checklist includes security setup steps
- [[tools-and-access|Tools & Access]] — full list of provisioned tools and access levels
- [[communication|Communication Guidelines]] — channel norms, including private vs. public channels
Made with CairniExplore public wikis →