Cybersecurity Policy
1. Intent and Scope
This cybersecurity policy provides the basis of cybersecurity management within Oxcel Group Pty Ltd t/a Oxcel Finance.
Effective protection of business information creates a competitive advantage, both in the ability to preserve the reputation of Oxcel Group Pty Ltd t/a Oxcel Finance and in reducing the risk of the occurrence of negative events and incidents.
2. Password Requirements
To prevent employees’ work account passwords from being compromised, the following practices are advised when setting passwords:
- (a) Use at least 8 characters (must contain capital and lower-case letters, numbers and symbols)
- (b) Do not write down a password and leave it unprotected
- (c) Do not exchange credentials unless requested or approved by a supervisor
- (d) Change passwords every 3 months
3. Email Security
Emails can contain malicious content and malware. In order to reduce harm, employees should employ the following strategies:
- (a) Do not open attachments or click any links where content is not well explained
- (b) Check the email addresses and names of senders
- (c) Search for inconsistencies
- (d) Block junk, spam and scam emails
- (e) Avoid emails that contain common scam subject lines such as prizes, products and money transfers
4. Device Security and Using Personal Devices
Logging in to any work accounts from personal devices, such as mobile phones, tablets or laptops, can put Oxcel Group Pty Ltd t/a Oxcel Finance data at risk. Oxcel Group Pty Ltd t/a Oxcel Finance does not recommend accessing any Oxcel Group Pty Ltd t/a Oxcel Finance data from personal devices. However, if this cannot be avoided, employees are obligated to keep their devices in a safe place and not expose them to anyone else.
Employees are advised to follow these practices:
- (a) Keep all electronic devices’ passwords secure and protected
- (b) Logging into accounts should only be performed through safe networks
- (c) Install security updates on a regular basis
- (d) Upgrade antivirus software on a regular basis
- (e) Never leave devices unprotected and exposed
- (f) Lock computers when leaving the desk
5. Transferring Data
Data transfer is a common cause of cybercrime. Employees should follow these suitable practices when transferring data:
- (a) Avoid transferring personal information such as customer data and employee information
- (b) Adhere to the relevant personal information legislation
- (c) Data should only be shared over authorised networks
- (d) If applicable, destroy any sensitive data when it is no longer needed
6. Working Remotely
When working remotely, all the cybersecurity policies and procedures must be followed.
7. Acceptable Use
User accounts on work systems are only to be used for the business purposes of Oxcel Group Pty Ltd t/a Oxcel Finance and not to be used for personal activities.
Employees are responsible for protecting all confidential information used and/or stored on their accounts. This includes their user logins and passwords. Employees are prohibited from making unauthorised copies of such confidential information and/or distributing it to unauthorised persons outside of Oxcel Group Pty Ltd t/a Oxcel Finance.
Employees must not purposely engage in any activity with the intent to: harass other users; degrade the performance of the system; divert system resources to their own use; or gain access to Oxcel Group Pty Ltd t/a Oxcel Finance systems for which they do not have authorisation.
8. Security Requirements
Employees must not install unauthorised software. The company may at any time introduce a whitelist of approved/trusted programs. If this occurs, only these programs may be used by employees.
Employees should perform daily backups of important new/changed data, software and configuration settings.
Employees must not use unauthorised devices on their workstations, unless they have received specific authorisation from Ratib Zaman.
Employees must not attempt to turn off or circumvent any security measures.
Employees must report any security breaches, suspicious activities or issues that may cause a cyber security breach to Ratib Zaman.
9. Disciplinary Action
If this policy is breached, one or more of the following disciplinary actions will take place:
- (a) Incidents will be assessed on a case-by-case basis
- (b) In the case of breaches that are intentional or repeated, or that cause direct harm to Oxcel Group Pty Ltd t/a Oxcel Finance, employees may face serious disciplinary action
- (c) Subject to the gravity of the breach, formal warnings may be issued to the offending employee