Page 17 - Paragon ID
P. 17
IT SECURITY POLICY
Our IT security guidelines are intended to guarantee the control and protection of company data as well as that of our clients and suppliers. With the development of products and services requiring the handling of secure data, Paragon ID has implemented a policy to ensure its firm commitment to the protection of systems and data belonging to all stakeholders.
The management team provides active support and guidelines to the company’s central IT management team, which is responsible for rolling out standards for IT security and cybersecurity. Our IT security approach is based on a set of fundamental pillars:
identity and access management; data protection;
network security;
system security.
Identity and access management is responsible for administering users and their access to systems and applications. This process facilitates the creation of user accounts, password management, allocation of access authorisations as well as the implementation of security policies. Our systems are also capable of detecting any attempted intrusions and blocking any compromised user accounts.
Data protection is intended to protect sensitive company data. This means that our teams are committed to protecting data confidentiality on a daily basis. This constant vigilance allows us to guarantee that our data is never disclosed to unauthorised third-parties. Confidentiality is provided through various means including encryption and access control.
Network security protects companies against internal and external threats. Thanks to our internal security system, we can configure firewalls, filter content, detect intrusions and neutralise any breaches.
System security is intended to protect IT systems against viruses, malware and any internal or external attacks. The adoption of modern, reliable systems allows us to implement an agile data protection strategy. The availabi- lity of systems also plays a crucial role by allowing uninter- rupted access to data for authorised users. This continuity is maintained thanks to various measures, including data and system redundancy, backups (on site and in the cloud) as well as post-incident recovery plans.
17
