Purpose
The purpose of this policy is to establish guidelines for the secure use of cloud services and protect AppCan Ltd information assets.

Scope
This policy applies to all employees, contractors, and third parties who use cloud services to store, process, or transmit AppCan Ltd  information.

Policy

Cloud Service Selection
Cloud services must be selected based on the security measures they offer, their compliance with relevant regulations, and the needs of AppCan Ltd.

Data Protection
Data stored in the cloud must be protected in accordance with AppCan Ltd data protection policy. This includes encryption of sensitive data and implementation of access controls.

User Access Management
Access to cloud services must be managed in accordance with AppCan Ltd user access control policy. This includes the use of strong authentication methods and regular review of access rights.

Incident Response
Incidents involving cloud services must be reported and managed according to AppCan Ltd incident management procedure.

Service Level Agreements (SLAs)
SLAs with cloud service providers must include provisions for security, availability, and data protection.

Monitoring and Review
The use of cloud services must be monitored and reviewed regularly to ensure compliance with this policy and to identify potential security risks.

Policy Compliance
Failure to comply with this policy may result in disciplinary action and potential legal consequences.

Review and Update
This policy will be reviewed and updated regularly to ensure it remains effective and aligned with the strategic direction of AppCan Ltd.

Approval
This policy is approved by the Directors of AppCan Ltd.