Contracting & Compliance
      Back to home
      1. Help Center
      2. Veonics® Portal Users Manual
      3. Contracting & Compliance

      Cybersecurity Awareness Education and Training

      At eXpress badging®, we maintain a structured Cybersecurity Awareness & Accountability Program that trains employees, enforces role-based responsibilities, and tracks compliance using EOS methodology.

      👩‍💻 eXpress badging® Cybersecurity Awareness Education and Training Program

      Summary:
      Cybersecurity is everyone’s responsibility. This ensures our team protects customer data with the same vigilance as we protect our own, behind our firewall or within our hardened AWS data center environment.

      🧑‍💼 User Types & Access Controls

      1. Administrative Users (Non-Data Center)

      • Do not access the Veonics® Portal directly.

      • May handle customer PII (Personally Identifiable Information) or PCI (Payment Card Information).

      • Subject to strict handling, storage, and destruction policies.

      • Required to follow daily/weekly/monthly cyberawareness communications.

      2. Data Center Standard Users

      • Access to the live Veonics® Portal instance for badge management.

      • Restricted by role-based access controls (least privilege).

      • Activities logged and auditable.

      • Must complete initial and ongoing cyber training.

      3. Portal Enterprise Users (Compliance-Controlled)

      • Reserved for regulated/high-security customer accounts.

      • Access granted only via Enterprise Portal Accounts.

      • Unique eXpress badging® user credentials per account — ensuring clear accountability.

      • Subject to enhanced compliance controls and regular reviews.

      • Access is limited, monitored, and tracked as part of our Enterprise compliance program.

      🎓 Cybersecurity Awareness Program Components

      🏫 Training

      • New Employees: Mandatory 2-hour onboarding cyber training.

      • Annual Refresher: 2-hour update training for all staff.

      • Remediation: 1:1 sessions for employees who fail compliance or security testing.

      💬 Cyber-Communications

      • Daily: “Cyber Tip of the Day” shared in team channels.

      • Weekly: Cybersecurity topic email for all staff.

      • Monthly: Company blog post reinforcing key themes.

      📊 Weekly EOS Scorecard Tracking

      • Each department conducts a Level 10 meeting every week.

      • One accountable team member tracks their Cyber-Score (departmental compliance metric).

      • Metrics are reported on the EOS Scorecard and escalated if risks emerge.

      🧪 Testing

      • Conducted by our IP Partner.

      • Includes: simulated phishing emails, email scams, and other red-team style tests.

      • Results are reviewed with leadership and inform refresher/remediation training.

      🔐 Accountability Model

      • Every user has documented cybersecurity responsibilities.

      • System administrators and Enterprise account managers are accountable for compliance at their assigned accounts.

      • Failures to follow cyber policies are escalated to HR and leadership and may result in corrective action or termination.

      📖 Related Documentation

      Last Updated: 08/29/2025