Want an approximate price?

Get a free quote »

Call us now:

+91 9987 6698 76

quote

Public Information Security Policy

1. Purpose

This policy defines how V4WEB ensures the integrity, availability, and responsible dissemination of public-facing information through websites, web applications, and digital platforms developed and/or managed by us.

2. Scope

This policy applies to:

  • All websites, portals, and public content hosted, managed, or developed by V4WEB
  • Employees, contractors, and third parties with access to our content management systems or hosting environments
  • Client-facing projects that are publicly accessible online

3. Definition of Public Information

“Public Information” refers to any content that is published for general public consumption, including:

  • Company website content
  • Client websites and landing pages
  • Public reports, forms, blogs, announcements
  • Static and dynamic content visible without authentication

4. Information Classification

  • Public: Can be shared openly (e.g., blogs, company contact details)
  • Internal: For employees only (e.g., internal guides)
  • Confidential: Client credentials, source code, or user data — not considered public and protected under separate policies

5. Access Control

  • Only authorized personnel are allowed to publish, update, or modify public-facing content
  • Role-based access controls are implemented for CMS and hosting platforms
  • Admin accounts are protected with strong passwords

6. Content Integrity & Review

  • All public content must be verified for accuracy before publication
  • Changes to public information undergo review and approval
  • Automated tools may be used to scan for defacements, broken links, or malicious scripts

7. Secure Development Practices

  • Websites and apps are built using secure coding principles
  • Open-source plugins/themes are vetted for security
  • Regular patching and updates of CMS and dependencies

8. Incident Response

In the event of:

  • Website defacement
  • DDoS attack
  • Unauthorized access

V4WEB will:

  • Take immediate steps to isolate and resolve the issue
  • Notify affected stakeholders/clients
  • Document and report the incident as per requirements

9. Backup & Recovery

  • Scheduled backups are maintained for all hosted sites under AMC
  • Backup access is restricted
  • Disaster recovery processes is communicated & implemented

10. Client Responsibilities

For websites managed by clients post-deployment:

  • It is the client's responsibility to maintain updated credentials and CMS security
  • We advise clients to follow best practices for plugin usage, password hygiene, and timely updates

11. Compliance & Legal Obligations

V4WEB adheres to applicable Indian IT laws, including:

  • Information Technology Act, 2000 (with 2008 amendments)
  • Digital Personal Data Protection Act (DPDPA), 2023

12. Policy Review

This policy shall be reviewed at least once a year or whenever significant changes occur in technology, business operations, or compliance requirements.

Get in touch

Web/App Development

Cybercrime / Cyber Security Consultancy

  • +91 79 7713 7718
  • (Only available for Whatsapp messages)

Follow us

Visit us at

3, Ground Floor | Unique Apartments | VP Varde Marg | Off Turner Road | Bandra West | Mumbai 400050