Information Security System
IBA Group is committed to protecting the privacy and confidentiality of its clients, suppliers, business partners, and employees. We use state-of-the-art technologies, as well as first-class proprietary and third-party products and solutions to ensure ultimate security to our clients.
IBA Group takes robust actions to organize physical access control, logical access control, inter-company control, data transfer protection, and audit of processing. IBA Group and external security auditors conduct annual security audits at all IBA facilities. The IBA Information Security Service keeps corporate network security under continuous control and checks organization’s activities against company regulatory acts.
IBA employees receive instructions on security requirements from the company security officers and undertake, in writing, to follow security standards. In addition, employees who work with sensitive data sign a data privacy contract.
Our Information Security Policy is based on international and business partner security standards. IBA Group conducts regular selective control among its employees to check the observance of corporate and clients’ (when working under external contracts) information security standards, as well as the use of company information, software and hardware resources.
To manage physical access to information resources, all IBA premises are divided into Controlled Access Areas in compliance with international, national, and IBA standards.
Information resources are a strategic asset of IBA Group, and therefore must be secured from loss or damage. The list of IBA’s basic measures to protect information resources is presented below:
Measure & Purpose
- User identification and authorization;
- Resource protection;
- Resource access logging;
- Violation detection.
Eliminate all security gaps:
- Vulnerability tests;
- Threat assessments;
- Internal code reviews.
Restore information in case of loss or damage.
Ensure observance of security standards:
- Annual audits initiated by IBA CEO;
- Quarterly and monthly audits carried out by local IBA executive personnel and representatives of other organizations.
IBA Group certified its information security management system to
- STB ISO/IEC 27001-2016 (ISO/IEC 27001:2013) for the Information Security Management System: design, development, production, and maintenance of software and automated information systems;
- STB ISO/IEC 27001-2016 for the Information Security Management System: design, development and maintenance of software;
- ČSN ISO/IEC 27001:2014 for the Information Security System: IT solutions and services — development and support for delivered IT solutions.