Each year we audit our quality and security systems against ISO and market-specific standards.

Culture of security

Security is Gemalto’s core proposition. It is also critical for us as a source of trust. We aim for excellence in the integrity and confidentiality of all assets and data that belong to our company and customers. We achieve this through programs that help our employees maintain the highest levels of digital and physical security. One example is the way we include operational security managers in all our software development teams.

Our security strategy has three main strands:

  • Business units and Research & Development;
  • Sites and production;
  • IT.

Within each of these areas, we:

  • Harmonize security policies and processes – building common security governance at all Gemalto sites;
  • Target protection based on asset value – using risk assessment to protect sensitive customer data;
  • Insist on widespread accountability – making security everyone’s business and using internal audits to plan for improvement;
  • Conduct security awareness training for end-users and managers – developing security rules for specific teams.

Regular review

At a corporate level, we maintain a full risk register that we constantly update. In 2010 we updated our strategic security agenda. This took our risk register into account and also integrated risks identified in our new businesses. The main aim was to assess major risks and to develop preventive measures. This is especially important in areas such as the internet and wireless connectivity, where security is paramount.

Through regular assessments we also ensure that our internal security standards and policies exceed regulatory requirements. Each year we use external tools to audit our quality and security systems against ISO and market-specific standards. At all R&D, production and personalization sites we maintain external certification through companies such as Visa and MasterCard. We conform to the ISO 27001 security standard at eight of our sites. We’ve also defined an ISO 27001 roadmap based on needs at other sites around the world.

In the future we will extend these security levels to companies we have recently acquired.