Ewellix information security policy
- We take the information security and data protection of Ewellix as a company, our employees, and our customers seriously and manage this with the highest attention and care.
- Ewellix’s information security policy serves the purpose to protect the confidentiality, integrity, and availability of Ewellix information assets and its customers by managing, mitigating and remediating the information risk.
- Information security is a priority for Ewellix’s executive team. Information security management at Ewellix is well organized to enable continuous information security management processes and improvements to meet the applicable requirements.
Some of the protective measures we work with includes:
Ewellix is actively working to protect our IT environment with the ambition to use well-known market leading products and carefully choosing service providers that can assure a protected IT environment. This provides the foundation to ensure that the IT environment and business systems can easily be maintained and kept secure.
Ewellix aims to have information security as an integrated part of our business processes. Information security is managed based on industry standards to support a systematic, secure, and efficient way of working. Our IT Incident process with trained response team is prepared to act in case of any security incident.
Automated controls are used when applicable to check that policies and guidelines are followed, to identify any potential policies non-conformance, and to actively remediate the identified non- conformance. Ewellix identity and access management procedure is a solid automated process to manage accesses throughout the life cycle, and with least access principal for our personnel’s work duties to assure authorized access only.
Ewellix recognizes the need to assure that our personnel is aware of and well trained in the information security policies and take responsibility in keeping data safe. Awareness campaigns are communicated on a regular basis to assure that our personnel have has information needed and understands the importance of information security for Ewellix and our partners.
Managing risks in a structured and appropriate way is an essential part of our security governance, aimed at identifying, assessing, prioritizing, and remediation of information security risks. Ewellix stresses the importance of continuous analysis and improvements to our IT environment and the information security landscape. Ewellix has appointed specific roles for Information Security management and data protection.
When there are ongoing security related incidents relevant to our customers, e.g. phishing attempts where criminals try to claim to be representatives of Ewellix, this information will be published here. There are no ongoing security alerts to report at this time.