Title 2, Chapter 1 - Information Security¶

§1. Definition of Terms¶

The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in the IETF’s RFC 2119, excluding the changes made in RFC 8174 (both UPPERCASE and lowercase usage of the key words have the defined special meanings).

§2. Purpose of this Document¶

This document is intended to define the Epoch information classification system for Epoch data and systems. Data and systems shall be defined by the Epoch Technical Division.

§3. Applicability¶

The policies outlined shall apply to any persons affiliated with Epoch while acting in their official capacity as a member or affiliate of Epoch, as well as to any persons that have access to non-public Epoch information. These persons include, but are not limited to:

Epoch Members
Epoch Senior Board Members
Epoch Shadow Board Members
Epoch Certified Advisors
Epoch Advisors
Epoch Board Emeritus Members

§4. Authority to Classify and Enforce¶

The authority to classify systems into security groups, as well as enforce security policies for data or systems in each of these classification categories, is hereby granted to the Epoch Technical Division or its designee. The authority to classify data into security groups, as well as enforce security policies for each of these classification categories, is hereby granted to the leader of the Epoch team within which the data was generated or acquired.

Changelog¶

Adopted: February 20, 2020