INFORMATION SECURITY POLICY

Information Security Policy

We at nms Holdings Corporation are profoundly aware of the importance of information security in our ubiquitous information society, and through the execution of sound business philosophies, we aspire to be a corporation that is highly trusted by society.

The nms Information Security Policy is based on three elements, physical, technological, and human, that make up our information security measures.

We abide by our Information Security Policy and at the same time by laws and regulations, and maintain and assure the confidentiality, integrity, and availability of the information and information related assets that we possess.

Information

Information is defined as processed and accumulated data handled when operating as a company.

Security

Achieving a state of security means that we maintain accurate and complete data (integrity) through a means and at a time that are both seen as being legitimate (confidentiality), and in a state in which the data is always accessible and useable (availability).

Physical Security Measures

We implement all possible physical security measures that are relevant to prevent normal information system operation obstructions such as unauthorized access to offices with information systems, to equipment such as computers and networks, and to locations where information systems are in use.

Technological Security Measures

We implement all possible technological security measures that are relevant through a technological approach that involves both hardware and software. To this end, we set the range of information that can be accessed according to the job position and information access privileges of users, and we implement measures such as encryption technologies in order to conceal sensitive data.

Human Security Measures

We implement all possible technological security measures that are relevant with the aim of reducing risks resulting from human factors. We implement emergency contact procedures, and make available crash-recovery procedures, employee training, and information security education.

PAGE TOP