Access control policy

We are still working on releasing an industry-standard policy for access control, but as a young company, we have put in place some internal procedures to ensure that we have a culture of discipline in this area.

These procedures will help us to make sure that we are handling access control in a responsible and professional manner:

  • All employees at SpatialChat must use their @spatial.chat email accounts to access internal services.
  • Each employee has access only to those services that they need according to their scope of work, e.g.
  • Backend engineers have access to servers and database, however they don't have access to customer billing data or finance data.
  • Support engineers don’t have access to any server infrastructure, but they have access to customer data (in order to be able to issue a payment refund, help with SpatialChat space setup, etc.)
  • All access is revoked from an employee within 3 calendar days after contract termination, and when reasonably possible - immediately
  • Employees must have latest anti-virus software on their personal computers.
  • Employees shall use complex passwords for their work user accounts (min. 8 symbols, upper case letter, lower case letters, numbers and special symbols).