Security means a more reliable application
Our commitment is to consolidate the trust of all parties we work with (users, partners, suppliers etc.), and to protect sensitive data.
Our information security management system (ISMS) covers all business-critical processes that are essential to the security of data linked to our software application. This system complies with the ISO/IEC 27001:2013 standard and its implementation complies with the requirements of our October 2018 Statement of Applicability.
Twelve specific areas and basic principles are applied in the field of data protection, to minimize the risks of security breaches related to the processing of information, and the impact on the business of any consequent damage.
1. Definition and communication of information security policies, standards and procedures
As part of our business activities, our Quality and Security Manual and Statement of Applicability may be shared.
2. Organization of data protection
3. Human resources data security, asset management
Market-IP also ensures the organization’s interests are protected in the event of contract amendment or termination.
4. Classification, management and access control
Market-IP implements physical and logical access controls, and implements these for all IT assets and resources, to ensure that access is based on genuine need and according to the specification of each internal employee or external consultant. The owner of the IT assets has responsibility for access rights. Certain rights require approval from senior management.
6. Physical and environmental security
7. Management of operating system security
An appropriate information systems management process is put in place, including safeguards and provisions for technical development and for incident handling.
- Development, production and testing environments are separated to reduce unauthorized access.
- Automatic back-up systems are in place.
- A monitoring system monitors the availability of information and sends notifications of technical events and vulnerabilities.
- An incident management process identifies incidents and enables controlled management.
8. Information security
Communications security is central to the security policy and is covered in several points, such as access management, employment contract, etc.
9. Development and maintenance
10. Supplier relationships
11. Business continuity/ information security plan
Our security policy provides guidelines and management advice to improve the security of data, developments and IT assets (systems and processes):
- Organizational security: to facilitate information security management within Market-IP.
- Classification and control of assets: to inventory assets and protect them effectively.
- Staff security: to reduce the risks of human error, theft, fraud or misuse of equipment.
- Physical and environmental security: to prevent a breach, damage and disruption to industrial data and facilities.
The security criteria are as follows:
- Confidentiality: only authorized persons may access and consult the data.
- Integrity: guaranteeing the accuracy and completeness of the information, and of the processing methods for accessing it.
- Availability: the information is available according to the company’s needs and is stored securely.