Core concept
The UNISOL Group has developed an Information Security Policy, which serves as the Group’s basic policy in this area, as well as a range of related regulations. This allows us to prescribe a code of conduct in relation to the Group’s information assets and work to guarantee information security.
In addition, we are strengthening our system for internal and external access control to avoid computer viruses and other cyber-attacks and prevent leaks or unauthorized alteration of confidential information. At the same time, we are implementing technological measures, such as creating back-up systems and shifting to high-performance devices, as well as striving to enhance our information security in response to diversification of the environments in which our information systems are used (e.g., telework). Specifically, our Corporate Strategy Unit’s IT Planning Division, with support from other departments, carries out centralized management of networks, IT assets, and user identities, and aims to build security infrastructure able to adapt to changes to our business or organization. In addition, we plan to increase our investment in security and further enhance our information security management to allow prompt detection and resolution of any security incidents.
Information security training and drills
The UNISOL Group has created various regulations for information security management and has taken measures against the risk of system failures or information leaks due to cyber-attacks. The Group is working to improve employees’ knowledge of information security by conducting e-learning on security and regular drills on email attacks.
Major initiatives
- Introduce NGAV (next-generation anti-virus software) and EDR (endpoint detection and response)
- Replace existing protection with NGFW (next-generation firewall)
- Conduct training on targeted e-mail attacks for domestic consolidated subsidiaries
- Implement security e-learning for 100% of eligible staff (staff of domestic consolidated subsidiaries who work with computers in the course of their duties); achieved in FY2024. Have managers raise awareness of related issues among non-eligible staff
Initiatives within our IoT Solution Business
Our IoT solution business (Security Design Inc.) has created an information security management system (ISMS) compliant with ISO/IEC 27001:2022 (national variant: JIS Q27001:2023). Using this system, we work to protect both our customers’ and our own information assets, prevent security incidents, and continually improve our information security.