{"id":2570,"date":"2018-11-15T10:19:41","date_gmt":"2018-11-15T08:19:41","guid":{"rendered":"https:\/\/vertia.fi\/?page_id=2570"},"modified":"2021-10-25T12:06:18","modified_gmt":"2021-10-25T09:06:18","slug":"vertian-tietoturvapolitiikka","status":"publish","type":"page","link":"https:\/\/vertia.fi\/en\/yritys\/tietosuoja\/vertian-tietoturvapolitiikka\/","title":{"rendered":"Vertia's Information Security Policy"},"content":{"rendered":"

1. Goal<\/span><\/h1>\n

Vertia\u2019s information security team ensures the smooth operation and security of Vertia\u2019s information systems.<\/span><\/p>\n

Information security refers to the secure handling of all data, regardless of its format. Information security involves ensuring the confidentiality, integrity, and availability of data.<\/span><\/p>\n

Vertia\u2019s business operations require that its information systems function smoothly and securely. To ensure this, information security is actively monitored, and any deviations are addressed promptly in accordance with predefined procedures.<\/span><\/p>\n

Information security is implemented and developed using solutions that are appropriate in terms of risk and cost-effective. Operations take into account the agreements with employees, customers, and partners, privacy protection, and other legal requirements. Information security measures are used to manage the risks associated with the adoption of new operating methods and technologies.<\/span><\/p>\n

Customer and other personal data are used only for purposes permitted by contracts and the law, and are accessible only to those who need them for their work. <\/span><\/p>\n

 <\/p>\n

2. Responsibilities and Organization<\/span><\/h1>\n

The business unit is responsible for defining information security requirements for information systems and for ensuring adequate resources for information security. The information security team is responsible for developing business continuity plans for processes critical to the business. These plans are maintained, tested, and practiced regularly to ensure they remain up to date.<\/span><\/p>\n

The Information Security Team ensures that information security risks are identified and assessed, and that the necessary measures are implemented to keep information security up to date. The information security team is responsible for ensuring that the business complies with requirements based on laws and other external regulations in its operations. The information security team is responsible for providing information security guidance, defining general information security requirements, and overseeing technical information security. Information security solutions are implemented using up-to-date technologies, with particular attention paid to user experience and usability.<\/span><\/p>\n

It is the responsibility of all members of the information security team to ensure that employees are aware of information security issues so that they can recognize security threats and respond appropriately when they encounter them.<\/span><\/p>\n

All employees are required to familiarize themselves with and comply with the provided guidelines, as well as to report any information security threats or risks they identify. As part of its normal operations, the information security team is responsible for monitoring employees\u2019 compliance with information security guidelines and, if necessary, addressing any actions that violate information security policies and guidelines.<\/span><\/p>\n


\n<\/span>3. Information Security Policies<\/span><\/h1>\n


\n<\/b>Risk Assessment<\/b><\/p>\n

Information security risks are assessed and analyzed based on their impact on business operations. The assessment must be conducted during the specification phase of new systems and in connection with significant changes that affect the criticality of operations.<\/span><\/p>\n

Centralized user rights management<\/b><\/p>\n

The goal is for the administrators of all systems and the information security team to define the principles for granting access rights. Access rights for external users are managed centrally.<\/span><\/p>\n

Classification and Processing of Data<\/b><\/p>\n

Vertia uses a data security classification method that defines how data is classified and how data in different categories is handled.<\/span><\/p>\n

Processing of Personal Data<\/b><\/p>\n

The processing of personal data via remote connections is prohibited without specific procedures in place. Exceptions must be approved by the information security team and may be implemented in accordance with separately agreed-upon methods. <\/span><\/p>\n

Cybersecurity Training<\/b><\/p>\n

Every Vertia employee participates in information security training or reviews the information security guidelines.<\/span><\/p>\n

Supervision and Monitoring<\/b><\/p>\n

Improving and maintaining information security requires systematic and continuous monitoring of information systems. Those responsible for monitoring are bound by a duty of confidentiality regarding the information they handle in the course of their work. They are required to sign a confidentiality agreement, whether they are employed by Vertia or a third party.<\/span><\/p>\n

The information security situation is reported as part of normal internal monitoring. Technical information security is continuously assessed. <\/span><\/p>\n

Handling of Security Incidents<\/b><\/p>\n

Vertia has effective procedures and tools in place to detect information security incidents. In addition, it has contingency plans in place and conducts regular drills.<\/span><\/p>\n

 <\/p>\n

4. Monitoring of Service Providers<\/span><\/h1>\n

Suppliers must agree to comply with the data protection requirements set by Vertia, which are outlined in the data protection addendum to the service agreements. <\/span><\/p>\n

 <\/p>\n

5. Data Breaches<\/span><\/h1>\n

Any action that violates the information security policy or guidelines is considered an information security breach. Information security is monitored in accordance with best practices for oversight.<\/span><\/p>\n

 <\/p>\n

6. Communication with staff and partners<\/span><\/h1>\n

Both an internal and a public version of the information security policy will be published. The internal version will be communicated to all staff. The public version will be published in Finnish on Vertia\u2019s website and shared with partners.<\/span><\/p>\n

 <\/p>\n

7. Approval and Adoption of the Information Security Policy<\/span><\/h1>\n

 <\/p>\n

This policy takes effect immediately. <\/span><\/p>\n

 <\/p>\n

Helsinki, May 14, 2018<\/span><\/p>\n

 <\/p>","protected":false},"excerpt":{"rendered":"

1. P\u00e4\u00e4m\u00e4\u00e4r\u00e4 Vertian tietoturvatiimi huolehtii Vertian tietoj\u00e4rjestelmien ja niiden k\u00e4yt\u00f6n h\u00e4iri\u00f6tt\u00f6myydest\u00e4 ja turvallisuudesta. Tietoturvallisuudella tarkoitetaan kaikkien tietojen, miss\u00e4 tahansa muodossa ne esiintyv\u00e4tk\u00e4\u00e4n, turvallista k\u00e4sittely\u00e4. Tietoturvallisuus on tietojen luottamuksellisuuden, eheyden ja k\u00e4ytett\u00e4vyyden varmistamista. Vertian liiketoiminta edellytt\u00e4\u00e4 tietoj\u00e4rjestelmien h\u00e4iri\u00f6t\u00f6nt\u00e4 ja turvallista toimintaa. T\u00e4m\u00e4n varmistamiseksi tietoturvallisuutta seurataan aktiivisesti ja poikkeamiin puututaan nopeasti ennalta m\u00e4\u00e4riteltyjen menetelmien mukaisesti. Tietoturvallisuutta toteutetaan Read more about Vertian tietoturvapolitiikka<\/span>[…]<\/a><\/p>\n","protected":false},"author":6,"featured_media":0,"parent":2139,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-2570","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"\nVertian tietoturvapolitiikka | Vertia.fi<\/title>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vertian tietoturvapolitiikka | Vertia.fi\" \/>\n<meta property=\"og:description\" content=\"1. P\u00e4\u00e4m\u00e4\u00e4r\u00e4 Vertian tietoturvatiimi huolehtii Vertian tietoj\u00e4rjestelmien ja niiden k\u00e4yt\u00f6n h\u00e4iri\u00f6tt\u00f6myydest\u00e4 ja turvallisuudesta. Tietoturvallisuudella tarkoitetaan kaikkien tietojen, miss\u00e4 tahansa muodossa ne esiintyv\u00e4tk\u00e4\u00e4n, turvallista k\u00e4sittely\u00e4. Tietoturvallisuus on tietojen luottamuksellisuuden, eheyden ja k\u00e4ytett\u00e4vyyden varmistamista. Vertian liiketoiminta edellytt\u00e4\u00e4 tietoj\u00e4rjestelmien h\u00e4iri\u00f6t\u00f6nt\u00e4 ja turvallista toimintaa. T\u00e4m\u00e4n varmistamiseksi tietoturvallisuutta seurataan aktiivisesti ja poikkeamiin puututaan nopeasti ennalta m\u00e4\u00e4riteltyjen menetelmien mukaisesti. Tietoturvallisuutta toteutetaan Read more about Vertian tietoturvapolitiikka[...]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/vertia.fi\/en\/yritys\/tietosuoja\/vertian-tietoturvapolitiikka\/\" \/>\n<meta property=\"og:site_name\" content=\"Vertia.fi\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-25T09:06:18+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/vertia.fi\\\/yritys\\\/tietosuoja\\\/vertian-tietoturvapolitiikka\\\/\",\"url\":\"https:\\\/\\\/vertia.fi\\\/yritys\\\/tietosuoja\\\/vertian-tietoturvapolitiikka\\\/\",\"name\":\"Vertian tietoturvapolitiikka | Vertia.fi\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/vertia.fi\\\/#website\"},\"datePublished\":\"2018-11-15T08:19:41+00:00\",\"dateModified\":\"2021-10-25T09:06:18+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/vertia.fi\\\/yritys\\\/tietosuoja\\\/vertian-tietoturvapolitiikka\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/vertia.fi\\\/yritys\\\/tietosuoja\\\/vertian-tietoturvapolitiikka\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/vertia.fi\\\/yritys\\\/tietosuoja\\\/vertian-tietoturvapolitiikka\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Etusivu\",\"item\":\"https:\\\/\\\/vertia.fi\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Tietoa meist\u00e4\",\"item\":\"https:\\\/\\\/vertia.fi\\\/yritys\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Tietosuoja\",\"item\":\"https:\\\/\\\/vertia.fi\\\/yritys\\\/tietosuoja\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Vertian tietoturvapolitiikka\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/vertia.fi\\\/#website\",\"url\":\"https:\\\/\\\/vertia.fi\\\/\",\"name\":\"Vertia.fi\",\"description\":\"Asumisen laadun varmistaja\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/vertia.fi\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vertian tietoturvapolitiikka | Vertia.fi","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_GB","og_type":"article","og_title":"Vertian tietoturvapolitiikka | Vertia.fi","og_description":"1. P\u00e4\u00e4m\u00e4\u00e4r\u00e4 Vertian tietoturvatiimi huolehtii Vertian tietoj\u00e4rjestelmien ja niiden k\u00e4yt\u00f6n h\u00e4iri\u00f6tt\u00f6myydest\u00e4 ja turvallisuudesta. Tietoturvallisuudella tarkoitetaan kaikkien tietojen, miss\u00e4 tahansa muodossa ne esiintyv\u00e4tk\u00e4\u00e4n, turvallista k\u00e4sittely\u00e4. Tietoturvallisuus on tietojen luottamuksellisuuden, eheyden ja k\u00e4ytett\u00e4vyyden varmistamista. Vertian liiketoiminta edellytt\u00e4\u00e4 tietoj\u00e4rjestelmien h\u00e4iri\u00f6t\u00f6nt\u00e4 ja turvallista toimintaa. T\u00e4m\u00e4n varmistamiseksi tietoturvallisuutta seurataan aktiivisesti ja poikkeamiin puututaan nopeasti ennalta m\u00e4\u00e4riteltyjen menetelmien mukaisesti. Tietoturvallisuutta toteutetaan Read more about Vertian tietoturvapolitiikka[...]","og_url":"https:\/\/vertia.fi\/en\/yritys\/tietosuoja\/vertian-tietoturvapolitiikka\/","og_site_name":"Vertia.fi","article_modified_time":"2021-10-25T09:06:18+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/vertia.fi\/yritys\/tietosuoja\/vertian-tietoturvapolitiikka\/","url":"https:\/\/vertia.fi\/yritys\/tietosuoja\/vertian-tietoturvapolitiikka\/","name":"Vertian tietoturvapolitiikka | Vertia.fi","isPartOf":{"@id":"https:\/\/vertia.fi\/#website"},"datePublished":"2018-11-15T08:19:41+00:00","dateModified":"2021-10-25T09:06:18+00:00","breadcrumb":{"@id":"https:\/\/vertia.fi\/yritys\/tietosuoja\/vertian-tietoturvapolitiikka\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/vertia.fi\/yritys\/tietosuoja\/vertian-tietoturvapolitiikka\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/vertia.fi\/yritys\/tietosuoja\/vertian-tietoturvapolitiikka\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Etusivu","item":"https:\/\/vertia.fi\/"},{"@type":"ListItem","position":2,"name":"Tietoa meist\u00e4","item":"https:\/\/vertia.fi\/yritys\/"},{"@type":"ListItem","position":3,"name":"Tietosuoja","item":"https:\/\/vertia.fi\/yritys\/tietosuoja\/"},{"@type":"ListItem","position":4,"name":"Vertian tietoturvapolitiikka"}]},{"@type":"WebSite","@id":"https:\/\/vertia.fi\/#website","url":"https:\/\/vertia.fi\/","name":"Vertia.fi","description":"Ensuring Quality of Life","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/vertia.fi\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"}]}},"_links":{"self":[{"href":"https:\/\/vertia.fi\/en\/wp-json\/wp\/v2\/pages\/2570","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/vertia.fi\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/vertia.fi\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/vertia.fi\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/vertia.fi\/en\/wp-json\/wp\/v2\/comments?post=2570"}],"version-history":[{"count":2,"href":"https:\/\/vertia.fi\/en\/wp-json\/wp\/v2\/pages\/2570\/revisions"}],"predecessor-version":[{"id":2572,"href":"https:\/\/vertia.fi\/en\/wp-json\/wp\/v2\/pages\/2570\/revisions\/2572"}],"up":[{"embeddable":true,"href":"https:\/\/vertia.fi\/en\/wp-json\/wp\/v2\/pages\/2139"}],"wp:attachment":[{"href":"https:\/\/vertia.fi\/en\/wp-json\/wp\/v2\/media?parent=2570"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}