Tokyo Freight Services WLL understands the vulnerability and risks involved in relying on technology to collect, store and manage information. Therefore, the management and staff of Tokyo Freight Services are committed to preserving the security of our data and technology infrastructure by establishing procedures that addressed the 10 minimum Cyber Security Principles as follows:
- Risk Management. We identify and assess risks that our company faces, follow security measures, give priority to the biggest threats, and execute appropriate responsiveness.
- Secure configuration. We ensure proper configuration to avoid data breaches and ensure that we remove or disable unnecessary functionalities from our company’s systems and address known vulnerabilities promptly.
- Home and mobile working. We implement security measures in our company’s systems for our staff working remotely to address security risks by limiting access to sensitive systems and creating policies for protecting laptops, removable devices, and physical information outside the office.
- Incident management. We implement systematic backup policies and procedures to respond to security-related incidents, mitigate damage and get our backup running as quickly as possible.
- Malware prevention. We implement anti-malware software and policies designed to mitigate these risks and prevent your staff from falling victim.
- Managing user access. We create and manage access controls to ensure that our staff can only access information that is relevant to their job.
- Monitoring. We monitor our company’s systems to identify incidents promptly and to initiate response efforts.
- Network security. We implement policies and technical measures to reduce the likelihood of our network connections being exposed and exploited to the vulnerabilities of the internet.
- Removable media controls. We create and implement policies emphasizing the need to digitally and physically protect removable devices to avoid and reduce security issues, e.g. access to your company’s systems from unauthorized parties.
- Accountability, user education, and awareness. We implement appropriate training programs related to your company’s security practices, to create awareness and educate our staff on how to achieve an effective Cyber Security environment.
This policy is continually monitored and reviewed to ensure that the effectiveness of our cybersecurity management is achieved by mitigating the risk of cybercrime in our company.