Roland DG utilizes digital data in a wide range of applications including design, production, sales support and company-wide management. There have been an increasing number of problems in recent years involving the leakage of information due to cyber-attacks or security breaches such as the transmission of targeted emails. Roland DG has defined rules and is developing a system for information security to ensure appropriate protection of information related to customers and suppliers as well as company business with the aim of maintaining smooth business operations.
Global Information Security Policy
The Global Information Security Policy has been defined as the guiding principles for information security throughout the Roland DG Group. This policy sets out compliance rules that form the core of information security measures for the Roland DG Group, and is designed to maintain and protect the confidentiality, integrity and availability of information resources including personal information. This serves to prevent business losses of the Roland DG Group and erosion of social credibility, and provides an environment where employees are able to perform their duties with peace of mind.
Establishing and Implementing Internal Regulations
Roland DG has established "Information Management Regulations," "Information Systems Management Regulations/Global Information Security Management Regulations" and "Information Equipment Security Regulations" in line with the Global Information Security Policy. Information Management Regulations outlines definitions for the information being handled, including confidential information, internal information and business information, and sets forth rules on their disclosure, inspection, distribution, reproduction, storage, disposal, and other methods of handling the information. Rules also cover how to respond to incidents like information leakage as well as auditing and inspection methods, review methods for handling information, and internal education and guidance. Information Systems Management Regulations outlines rules for handling information equipment and systems, as well as rules for their proactive "utilization" to achieve management goals in addition to their "protection."
Information Security Management System
The information management regulations appoint the president and representative director as the chief officer in charge of information management, and the director in charge of General Affairs Department as the information manager. A system has been established where the General Affairs Department is the principle department for information management, and the Information Services Department provides support for electronic information of associated departments.
Organizing Ongoing Inspections and Training
Once every year, Roland DG conducts inspections of information it handles, and reports its findings to the information manager. Training for information management using e-learning is also organized regularly to provide guidance on information management to ensure that each and every employee has a thorough understanding of the basic principles of information security.
Compliance with Laws Regarding Personal Information Protection
Roland DG launched a compliance project in May 2018 to ensure compliance with the General Data Protection Regulation (GDPR) of the EU. Compliance is progressing smoothly with the coordination of local law firms and sales subsidiaries. Efforts are also underway to establish regulations in line with the Protection of Personal Information Act of Japan that was amended in June 2020.