Information Security

Information Security Policy

At Level-1 Global Solutions, we understand that information is one of our most valuable assets. Protecting it, whether client data, employee records, intellectual property, or project documentation, is fundamental to our ability to serve, to innovate, and to build trust. This policy affirms our responsibility to safeguard information assets against unauthorized access, disclosure, alteration, or destruction.

  • Confidentiality: Information must be accessed only by those with a legitimate business need.
  • Integrity: Information must remain accurate, complete, and protected from unauthorized modification.
  • Availability: Information and systems must be accessible to authorized users when required to support operations.

This policy applies to all directors, officers, employees, contractors, and third parties who have access to Level-1 information systems, networks, or data. It covers all forms of information—digital, physical, and verbal regardless of where it resides.

  • Access Management: User access to systems and data is role-based, requiring authentication and authorization. Accounts are reviewed regularly to prevent misuse.
  • Data Protection: Sensitive data is encrypted in transit and at rest. Portable devices must follow secure storage and transport protocols.
  • Network Security: Firewalls, intrusion detection, and monitoring tools are in place to protect against unauthorized access and cyber threats.
  • Physical Security: Facilities housing critical systems are restricted to authorized personnel, monitored, and protected by layered controls.
  • Incident Response: Security incidents must be reported immediately. A documented response plan ensures rapid containment, investigation, and remediation.
  • Training and Awareness: All employees receive periodic training on data security, phishing awareness, and responsible information handling.
  • Vendor Management: Third-party service providers are required to comply with Level-1’s security requirements and are subject to audit.

This policy aligns with leading security frameworks and standards, including ISO/IEC 27001, the NIST Cybersecurity Framework, and CIS Controls. Compliance is overseen by Level-1’s Information Security Officer, who coordinates audits, risk assessments, and continuous improvement initiatives.

Any employee or contractor found violating this policy may be subject to disciplinary action, up to and including termination of employment or contract. Severe breaches may also result in legal action.

Every decision we make, every safeguard we apply, is about protecting the trust placed in us. At Level-1 Global Solutions, securing information is the foundation of how we design, build, and sustain the systems that power the built environment.