Where's the lack of consistency? They do it once per year, but have the option to do it more and aren't limited to once per year.
One is clearly a policy, while the others are written not in legalese.
A takeaway for us is if you're going to use security documentation and policies as marketing, you need to keep it up to date and consistent with the rest of your security documentation. Lots of companies are promoting what they do for security as a way to build trust with website visitors and the market. It's a double-edged sword.
2 comments
[ 1.6 ms ] story [ 29.0 ms ] threadA takeaway for us is if you're going to use security documentation and policies as marketing, you need to keep it up to date and consistent with the rest of your security documentation. Lots of companies are promoting what they do for security as a way to build trust with website visitors and the market. It's a double-edged sword.