As an IT company responding to the era of digital transformation, NSD is working on data privacy and security as one of our most important challenges in order to earn the trust of customers and society.
Recognizing information security incidents such as leaks and unlawful disclosure of information as major risks for corporate management, we strive to safely and securely handle (maintain confidentiality, integrity, and availability) information assets, including personal information, as a company that handles important information for customers and employees.

To maintain the confidentiality, integrity, and availability of all information assets, thereby earning the trust of customers and society, NSD has established its Basic Policy on Information Security in an effort to ensure the security of information.
Moreover, specific measures are stipulated in the Information Security Standards and Information Security Procedures as sub-provisions of the Basic Policy on Information Security to ensure that measures are effective.

NSD has established the Information Security Committee under the Risk Management Committee to strengthen information security. The Information Security Committee, which is chaired by the Head of the Corporate Service Division and comprised of related officers and department managers, regularly identifies information security risks throughout the Company, and in addition to giving guidance on preventive measures, confirms the Company's compliance with the rules.
Moreover, we are taking physical measures by developing systems such as equipment and functions to prevent the risk of information leaks, malware and other virus infections, as well as unauthorized access to the Internet and e-mails.

Every year, NSD carries out training for employees on the Company's rules and risks. Furthermore, we regard problems related to information security that occur on a daily basis outside NSD as issues of our own. As such, we verify whether there are any similar problems within the Company, and make them known to all employees. When laws and regulations such as the Act on the Protection of Personal Information are revised, we provide education to employees to ensure thorough compliance with such laws and regulations.

In addition to information leaks and cyberattacks by hackers, the risks of organized terrorist cyberattacks from other countries, such as ransomware demanding money and the shutting down of vital infrastructure, have recently come to the fore.
In light of these heightened security risks, NSD outsources vulnerability assessments of internal and external systems to third-party specialists in order to prevent unauthorized access and malware infection. Furthermore, we are working to strengthen security by providing targeted attack countermeasures, firewalls, web content filtering, and an intrusion prevention system (IPS).
As targeted email attacks are evolving and becoming ever more sophisticated, we will continue to strengthen our defenses and provide training and education to eliminate human vulnerabilities.