SII has been using IT systems to further enhance the technologies of “SYO”ism that it has developed over the years. We also run many IT systems to grapple with the rapidly-changing business environment.
While digital transformation (DX) is being promoted in recent years, the threats, such as information leaks due to cyber attacks on the IT systems that support businesses and fraud using business email, are becoming more widespread and more serious.
SII continues to review and implement information security measures as a key management responsibility in order to protect and maintain the IT system as an important infrastructure.
To ensure information security, SII employees have been working as a team under a promotion framework consisting of senior management in chief executive roles based on internal regulations and various guidelines.
Information assets are evaluated and classified based on confidentiality, completeness, and availability to clarify security risks and take the necessary steps to maintain these information assets.
In addition, we are working to create a safe and stable environment by ensuring that all employees are fully aware of the importance of information security and the specific items to be observed, as well as conducting regular education and training to improve their information security literacy.
Furthermore, in order to realize diverse and flexible work styles, including telework, we are implementing multi-layered security enhancements for mobile access environments such as PCs and smartphones that are taken outside the office.
- Develop manuals for security incidents.
- Conduct training that assumes targeted e-mail attacks.
- Strengthen and review Internet security measures.
- Enhance security in telework environments
- Strengthen account authentication (multi-factor authentication).
In addition to the information system-related measures, SII has established the Personal Information Protection Policy and has been putting in place other internal rules, including the "SII Group Personal Information Protection Basic Regulation." In order to uproot personal information loss or leakage due to negligence, we continually provide education programs to each employee.