At KORLEX Legal Firm, the information security policy is implemented and executed which fulfils requirements included in valid legal regulations concerning personal data protection with respect to information technology equipment and systems used to collect and process this data.
We understand security of information in IT system as ensuring:
- information confidentiality (preventing access by any third parties),
- information integrity (avoiding unauthorized changes in data).
The information security policy is implemented by KORLEX Law Firm based on the principle of:
- multi-layer protection,
- limited access,
- continuous security monitoring.
KORLEX Law Firm has comprehensive solutions for protection of IT systems by means of:
- firewalls and anti-virus scanners,
- control of access to network resources,
- access identifiers and passwords, registration of actions performed on personal data,
- following the procedures for destroying data carriers,
- protection of office spaces using 24/7 security services by the property security agency, alarm system, limited access to office spaces by persons from outside,
- centralizing data and documents on servers eliminating the possibility of data leakage from the employees’ machines, if they are lost or stolen,
- location and access to servers which are secured from access of third parties,
- modern data encoding and data exchange methods,
- data is archived on servers of reputable suppliers located in the territory of European Union countries.
KORLEX Law Firm requires each of the employees to abide by internal regulations compliant with the implemented security policy and focuses on regular training of employees regarding data protection.