Information security

The safety of our IT systems is important to us. Despite our efforts, our systems may contain a vulnerability. Have you discovered a security flaw in one or more of our systems? Please notify us before informing the outside world.
Responsible Disclosure

If you have discovered a vulnerability in an IT system, please proceed as follows:

  • Mail your findings to security@gelderland.nl 
  • Provide enough information so we can remedy the floor as soon as possible. The computer’s IP address or IT system’s URL and a description of the security flaw is usually sufficient. But in case of more complex vulnerabilities, more details may be required.
  • Leave your contact details so that we can contact you later to jointly arrive at a safe result. At least provide an email address or telephone number.
  • Report the flaw as soon as possible after discovering it.
  • Do not share any information about the security flaw with others until it has been remedied.
  • Deal responsibly with the information in your possession about the security flaw by not taking any other action than is necessary to demonstrate this.

If you discover a vulnerability, do not:

  • Place malware.
  • Copy, change, or delete data in an IT system (as an alternative, you can create a directory listing of the system).
  • Change the system.
  • Repeatedly visit the system or share access with others.
  • Use ‘brute force’ to open the system.
  • Attempt denial of service or social engineering.

The information security policy is available, you can mail a request to security@gelderland.nl.

If you have any questions or if you require additional information.

Please do not hesitate to contact us.