Access Control & Acceptable Use Client‑Safe
Summary for clients and partners • Effective 28 Sep 2025
Access Control
- MFA required for all privileged access; least‑privilege by default
- Formal approval for joiners/movers/leavers; periodic access reviews
- Service/guest accounts minimised and reviewed
- Secrets stored in vault; time‑bound elevation with ticket reference
Acceptable Use
- Use company/customer systems lawfully and responsibly; respect privacy
- No storage on unapproved devices or personal cloud; prevent shadow IT
- FDE, EDR/AV and MDM on managed devices; prompt patching
- Public Wi‑Fi not used for access; use secure mobile tethering/VPN
- No unauthorised software or tools; report suspected incidents immediately
Monitoring & Enforcement
Activity on managed systems may be monitored to uphold policy and security. Breaches may lead to access removal and disciplinary action per contract and law.
Contacts
security@virtusgroup.biz • privacy@virtusgroup.biz • legal@virtusgroup.biz • compliance@virtusgroup.biz