At eXpress badging®, we maintain a structured Cybersecurity Awareness & Accountability Program that trains employees, contractors, and vendors, enforces role-based responsibilities, and tracks compliance using EOS and ticketing methodology.
🛡️ At eXpress badging®, cybersecurity and privacy are everybody’s responsibility. Our structured Awareness & Accountability Program ensures that every person—employees, contractors, and vendors—protects customer data with the same vigilance as we apply internally, whether inside our firewalls or within the hardened AWS cloud environment.
👥 User Types & Access Controls
🖥️ Administrative Users (Non-Data Center)
- May handle customer PII or PCI.
- All contractors assigned to these roles must sign confidentiality agreements.
- Mandatory onboarding and regular awareness training, the same as employees.
🔐 Data Center Standard Users
- Internal staff or external contractors with direct Veonics® Portal access.
- Access governed by role-based controls (least privilege).
- All users—employee or vendor—complete initial and ongoing training.
🏢 Portal Enterprise Users (Compliance-Controlled)
- Targeted for regulated or high-security accounts.
- Contractor access allowed only with documented approval; subject to background check and credentials.
- Must adhere to enhanced security requirements and compliance reviews.
📚 Cybersecurity Awareness Program Components
🎓 Training (All Personnel – Employees & Contractors)
- New Users: Mandatory 2-hour onboarding training, regardless of employment type.
- Annual Refresher: 2-hour updates including privacy best practices.
- Remediation: 1:1 sessions required if compliance tests are not passed.
📣 Cyber-Communications
- Daily: Cyber-Tip of the Day via internal channels.
- Weekly: Security topic email for everyone with active access.
- Monthly: Blog post reinforcing privacy themes and procedures.
📊 Training Governance and Oversight
- Compliance is tracked in our HubSpot Ticketing process and EOS Accountability assignment by department.
- Applicable contractors/vendors are included in the same accountability metrics as employees.
- Non-compliance is escalated to HR or Contracting Manager and may result in access revocation.
🧪 Ongoing Testing & Simulations
- Simulated phishing attacks and red-team style phishing exercises are conducted across all user groups—staff, contractors, and approved external users.
- Results are reviewed and training updated accordingly.
✅ Accountability & Remediation Mechanisms
- Cyber roles and responsibilities are documented for each user category.
- Accountability is enforced equally across employees and contract personnel.
- Policy breaches by contractors follow similar escalation paths, including termination of access or contract.
Last Updated: September 2025