Privacy Policy

IT Weapons believes privacy is a central issue of Internet use. We work hard to keep reasonable measures in place to assure the anonymity of visitors to the IT Weapons web site(s). IT Weapons feels as part of responsible disclosure that web site visitors and users be made aware of what information is being logged and recorded.

To maintain and improve site quality and integrity, IP addresses are logged (the Internet Protocol addresses of computers). This log is a standard method of reporting to statistically review and further develop our web site experience. We also log the type of browser and operating system you are using. These detailed analytics enable our web development team to develop the IT Weapons site to be rendered as intended when designed in all top level browsers and operating systems. We do not link IP addresses to personally identifiable information.

Like many other commercial web sites, the IT Weapons’ web site may use a standard technology called a “cookie” to collect information about how you use the site. Cookies were originally designed to help a web site distinguish a user’s browser as a previous visitor and thus save and remember any preferences that may have been set while the user was browsing the site. A cookie is a small string of text that a web site can send to your browser. A cookie cannot retrieve any other data from your hard drive, pass on computer viruses, or capture your e-mail address. Currently, web sites use cookies to enhance the user’s visit; in general, cookies can securely store a user’s ID and password, personalize home pages, identify which parts of a site have been visited or keep track of selections in a “shopping cart.” It is possible to set your browser to inform you when a cookie is being stored – this way, you have the opportunity to decide whether to accept or decline the cookie.

At times we may request that you voluntarily supply us with personal information, such as your e-mail address, for purposes such as corresponding with us, registering at a site, participating in an online survey or signing up for an event.

Information Use

When you supply IT Weapons with your personal information, we may use the information to learn more about you so that we can develop better methods of communication and solution offerings or use the information to inform you about new products, services and offers that may be of interest to you. AT NO TIME will IT Weapons sell your personal information, or use it in any other way, not mentioned here.

Declining E-mail Offers

Although most customers tell us they appreciate receiving notice of these opportunities, we recognize the importance of providing you with choices. At any time after receiving an e-mail offer from IT Weapons, you may request to discontinue receiving these offers. All e-mail offers that you receive from IT Weapons will inform you of how to decline further e-mail offers in the bottom footer, or as noted by the “Unsubscribe” text link. Our partners may have different policies, in this case IT Weapons can not be held responsible.

Privacy Policy Changes

IT Weapons privacy statement is subject to change at any time and without notice.

Accessibility Policy

Accessibility Standards for Customer Service as Required by the Accessibility for Ontarians with Disabilities Act

OUR ACCESSIBILITY STATEMENT

To read our accessibility Policy please click HERE

Feedback

KONICA MINOLTA has implemented a feedback process for clients and employees through our web site  https://konicaminolta.ca/en/business/support/contact and in paper copy at all facilities. All feedback is responded to by the appropriate department.

Workplace Violence Policy

The management of IT Weapons Inc. is committed to the prevention of workplace violence and is ultimately responsible for worker health and safety. We will take whatever steps are reasonable to protect our workers from workplace violence from all sources.

Workplace violence is defined as:

  1. the exercise of physical force by a person against a worker, in a workplace, that causes or could cause physical injury to the worker;
  2. an attempt to exercise physical force against a worker, in a workplace, that could cause physical injury to the worker;
  3. a statement or behaviour that is reasonable for a worker to interpret as a threat to exercise physical force against the worker, in a workplace, that could cause physical injury to the worker.

This definition applies to the legal requirements under the OHSA. Types of workplace violence include hitting, pushing, physical assault, sexual assault, stalking, criminal harassment, robbery and threats.

Domestic violence becomes a form of workplace violence when it occurs in the workplace and is interpreted in a manner consistent with the definition of workplace violence. Domestic violence is a pattern of behaviour used by one person to gain power and control over another with whom he/she has or has had an intimate relationship. This pattern of behaviour may include physical violence; sexual, emotional and psychological intimidation; verbal abuse; stalking; and using electronic devices to harass and control.

Violent behavior in the workplace is unacceptable from anyone. This policy applies to employees, visitors, clients, delivery persons and sub-contractors. Workplace violence can come from many sources.

It is important to consider the risk from all potential sources so you can implement the appropriate prevention controls.

Sources of workplace violence can be classified into four types:

  • Type I (external – no relationship to employer): Committed by a perpetrator who has no relationship to the workplace (e.g. stranger).
  • Type II (client or customer): The perpetrator is a client, or customer at the workplace.
  • Type III (worker-to-worker): The perpetrator (boss, co-worker, subordinate) is an employee or past employee of the workplace.
  • Type IV (domestic violence): The perpetrator (family member, former family or friends) usually has a relationship with an employee, e.g. domestic violence in the workplace.

Everyone is expected to uphold this policy and to work together to prevent workplace violence. There is a workplace violence program that implements this policy. It includes measures and procedures to protect workers from workplace violence, a means of summoning immediate assistance and a process for workers to report incidents, or raise concerns.

IT Weapons Inc., as the employer, will ensure this policy and the supporting program are implemented and maintained and that all workers and supervisors have the appropriate information and instruction to protect them from violence in the workplace.

Supervisors will adhere to this policy and the supporting program. Supervisors are responsible for ensuring that measures and procedures are followed by workers and that workers have the information they need to protect themselves.

Every worker must work in compliance with this policy and the supporting program. All workers are encouraged to raise any concerns about workplace violence and to report any violent incidents or threats. Employees may report incidents in several ways. They may wish to discuss the matter in person or by phone with their manager, another manager at IT Weapons Inc., a member of the Human Resource Team or a member of the Occupational Health and Safety committee who will assist them in filling out an incident report. They may wish to alternatively fill out the incident report and send a PDF copy or printed copy to one of the above mentioned persons.   There will be no negative consequences for reports made in good faith.

Management pledges to investigate and deal with all incidents and complaints of workplace violence in a fair and timely manner, respecting the privacy of all concerned as much as possible. The workplace harassment policy should be consulted whenever there are concerns about harassment in the workplace.

Security at IT Weapons

Service organizations or service providers must demonstrate that they have adequate controls and safeguards when they host or process data belonging to their customers. IT Weapons has been audited under the Statements on Standards for Attestation Engagements (SSAE) No. 18, Reporting on Controls at a Service Organization, since 2010.

IT Weapons currently maintains a SOC2 Type 2 report. The SOC 2 Type 2 is an in-depth, security focused, audit that attests to the controls we have in place governing the security and availability of customer systems and data. Our controls map to Trust Service Principles (TSPs) established by the American Institute of Certified Public Accountants (AICPA).

Human Resources

Prior to joining IT Weapons, and periodically after that, criminal background checks are performed. All employees are bound by confidentiality agreements which are binding during and after employment.

All employees receive security awareness training upon hiring and complete ongoing monthly training.

Physical Security

IT Weapons’ private cloud is hosted within two Canadian data centres that provide 24/7 infrastructure management and high availability.

Video Surveillance and Access Monitoring
  • Building access points monitored 24/7
  • Identity management is used to control entry to all ITW Facilities
  • Security guard on site 24/7
  • Video monitoring and image capture systems both inside and outside all ITW Facilities
Access
  • Approved employees access data centre facilities via electronic access systems
  • All visitors must sign-in, provide picture identification and be accompanied by an ITW Staff member that has the appropriate access to the facility
Environmental Controls
  • Redundant backup power generators, redundant UPS power, multiple HVAC units
  • Advanced fire detection systems, double lock pre-action fire suppression system, localized dry-pipe two stage water system
  • Raised or dual layer interstitial flooring
Information Security
Network Security
  • Redundant advanced firewalls providing dynamic anti-virus and anti-spam protection, Intrusion prevention, application control and URL filtering
  • Proactive 24/7 monitoring
  • Multiple carrier fiber-based delivery Access Control, diverse fiber entry points to the building
Endpoint Protection
  • The use of advance endpoint protection is required on all systems in the environment
Access Control
  • Principles of least privilege and segregation of duties are applied
  • Multi-factor authentication required for access to critical systems and remote access
  • IT Weapons’ employees access IT Weapons systems using individual credentials
  • Administrative rights are provided using a separate account per employee
  • Onboarding and offboarding processes are in place to ensure only required access is provided, and that all access is removed in a timely fashion when required
Operational Controls
Incident Management
  • IT Weapons maintains an incident management program that ensures incidents, including critical security incidents, are responded to appropriately, minimizing impact and downtime
Patch and Vulnerability Management
  • To ensure systems are at the current, secure operating system level, IT Weapons Windows systems are patched monthly
  • An ongoing vulnerability management program is in place, covering IT Weapons internal environment, to ensure vulnerabilities are identified, analyzed, prioritized, mitigated, and remediated
Change Control
  • All modifications to IT Weapons production systems fall under the Change Management policy, and adhere to ITIL best practices for change management
Risk Management
  • IT Weapons risk management framework includes established processes to identify and consider the impacts of relevant risks.
  • Annual risk assessments are performed, with tracking, periodic reporting and review ongoing
Backups and Disaster Recovery
  • IT Weapons Data Protection Services are used to backup all IT Weapons’ systems in our private cloud. Nightly backups are performed and sent to our secondary facility to house our off-site copies of all data.
  • Disaster recovery plans are maintained to ensure quick recovery of critical IT Weapons systems, and plans are tested annually