Identity and Access Management
Employees have unique logins for all business critical systems and two-factor authentication is enforced wherever possible. We conduct regular access audits and operate on the principle of least privilege.
Clear Desk and Clear Screen
All employees ensure that confidential information in hardcopy or electronic form is secure at all times. The computer screens are locked when the workspaces are unoccupied; any internal or sensitive information is removed from the desk at the end of the workdays, plus several other measures that enforce the "Privacy by Design" mindset.
All employee laptops and smartphones have encrypted hard drives and are always kept up to date with the latest operating system.
The internal networks in both of our offices are restricted, segmented and password protected. The password changes frequently. Wether on computer or smartphone, only WPA2/WPA3 protected networks are allowed to be used.
Information Security Education
As part of our commitment to ensure that every member of our team understands the role they play when it comes to security, we provide ongoing information security training throughout the year. Each new employee attends an Information Security Management System (ISMS) session within the first month of hire.