Security Level System
Security Level System
MTCS has three levels of security, Level 1 being the base and Level 3 being the most stringent:
Level 1 – Designed for non-business critical data and systems, with baseline security controls to address security risks and threats in potentially low impact information systems using cloud services (e.g. Web site hosting public information).
Level 2 – Designed to address the need of most organizations running critical data and systems through a set of more stringent security controls. These address security risks and threats in potentially moderate impact information systems using cloud services to protect business and customer information (e.g. Personally Identifiable Information (PII), credit card data, CRM data, emails).
Level 3 – designed for regulated organizations with specific requirements. Industry specific regulations may be applied in addition to these controls, which supplement or address security risks and threats in high impact information systems using cloud services (e.g. Highly confidential business data, financial records, medical records).