Pole To Win has organized an Information Security Committee and assigned an Information Security Director. The director is clarified to oversee company-wide information security and a structure has been built to allow for promptly implementing necessary countermeasures.
The Information Security Committee carries out the role of actively promoting information security measures throughout the entire company from every angle, including from organizational, human resources related, physical, and technical perspectives.
Role of the Information Security Committee
- Providing consent for information security management plans
- Assessing the company's information security measures
- Establishing and revising policies related to information security measures
- Spreading awareness of and educating about information security countermeasures
- Making decisions on penalties for violators of information security measures
- Implementing resolutions made by the company
Pole To Win has established the Pole To Win Information Security Policy in order to implement proper information security measures with a common awareness shared by each division.
A clear policy has been laid down regarding the handling of all information assets, such as personal information and confidential information received, and all employees are educated on the implementation of measures to prevent all possible instances of information leaks, and of the strict consequences that will be enforced in the event of an information leak or other violation.
Pole To Win also makes regular revisions to this Policy so as to adapt to environmental changes, technical innovation, and other circumstances.
The Pole To Win Information Security Policy indicates a policy for information security measures from organizational, human resource related, physical, technical, and all other perspectives, for information security structures that are to be constructed for the overall company and at each individual office, confidential information, the handling of personal information, system development and operation, risk management, employee training, etc.
Pole To Win works to improve employees' knowledge and etiquette by implementing ongoing training for employees regarding the protection of personal information and information security.
A group learning program has been created where regular participation in educational classes is required, materials on information security are distributed, and regular announcements are presented. Furthermore, efforts are made to boost the skills of the Information Security Director by providing the director with new information through participation in external seminars and also exchanging information with other individuals with official certification.
Training is provided to all company employees, including permanent and contracted staff. In this way, Pole To Win works to ensure a thorough level of company-wide security.
As a corporate provider of testing (verification/evaluation) and translation services, Pole To Win addresses information security with top priority put on protecting information acquired from clients as well as personal information.
As a countermeasure on the technical and operational level, a department is put in charge of conducting in-house security supervision and internal auditing. Auditing mainly consists of checking the status of such factors as the usage of company networks from work computers, access to various company servers, access to the internet, and access to databases that include confidential information. If it is found that someone has violated company rules, they are warned and supervised.
In regards to the actual working environment, different areas of the company are divided into different security levels and entrance regulations are set forth based on the level of security. Confidential and personal information can only be handled in high-level security areas.
High-level security areas are thoroughly managed such as through controlling area access with electric locks, situating desks so that managers can check who enters the area, and prohibiting the carrying of mobile phones.
Using key cards to manage building access
Using fingerprint authentication and digital locks to manage access
Monitoring via surveillance cameras
Monitoring via motion sensors
Photos: Secom Co., Ltd.