Práticas de acesso e segurança

Access Is Treated as a Business Risk, Not a Convenience

Tekmyster does not need unrestricted access to begin most reviews. When access is required, the preferred approach is controlled, documented, and limited to what is needed for the engagement.

Access Control

  • Named accounts instead of shared logins where possible
  • Least-privilege permissions
  • MFA wherever available
  • Temporary or time-bound access when practical
  • Production access only when required and approved

Credential Handling

  • Passwords should not be sent through plain text email, SMS, or casual chat
  • Secure credential-sharing methods should be used when possible
  • Credentials should be rotated or removed after work is complete when appropriate

Offboarding

  • Remove or reduce access when work is complete
  • Confirm remaining access needed for ongoing support, if any
  • Document open risks, recommendations, and next steps

Documents and Data

Sensitive by default.

Tekmyster treats client documents, credentials, systems, and business information as sensitive by default. Client information is used only for the purpose of the engagement. Sensitive files, diagrams, exports, reports, and credentials should be exchanged through appropriate channels rather than unsecured email or casual messaging whenever possible.

Confidentiality and Agreements

Handling expectations can be documented.

For qualified engagements, Tekmyster can define confidentiality and handling expectations through an NDA, Master Services Agreement, or project-specific Statement of Work.

Como os engajamentos funcionam Política de privacidade

Incident or Issue Handling

Clear communication when hidden issues appear.

Technology work can uncover hidden dependencies, legacy misconfigurations, vendor issues, or unexpected failures. When that happens, Tekmyster focuses on clear communication, documentation, practical remediation, and returning the client to a stable position.

← Back to Resources Discutir sua situação de IT →

Controlled Access

Discuss the issue before sharing sensitive access.

Use a Tekmyster quando precisar de julgamento técnico sênior antes de tomar uma decisão maior de IT, conceder acesso a fornecedores, substituir infraestrutura, comprar ferramentas de segurança ou continuar com correções temporárias.

Agendar uma revisão prática de IT Discutir sua situação de IT