Language

Brother Group's CSR

Information Security

To Properly Manage and Protect Information

Developing the Brother Group Information Management Regulation

The Brother Group considers the proper management and protection of information as the foundation of maintaining management quality. In FY 2014, the Brother Group Information Management Regulation has been put in place in response to the expansion of the Brother Group by M&A. Consequently, information management in the Group has been unified by the regulation in compliance with the information security management system (ISMS), which has also enhanced security of information sharing within the Group.
Placing the Information Management Committee of Brother Industries, Ltd. (BIL) at the top, the roles of regional headquarters in the Americas, Europe, and etc. were clarified so that they could be responsible for the performance of information management activities of the subsidiaries under their control. By this clarification, grasping the situations of the information management of the companies became easy with surely conveying the decision of Information Management Committee of BIL.
We also have set unified security criteria among the Brother Group for various items. By the criteria, each company of the Brother Group can manage information with same security level. For example, the information the Brother Group handles is categorized into four levels based on its confidentiality and rules for storing, accessing and disposing of information are defined.

Four information management levels based on confidentiality

Four information management levels based on confidentiality

Strengthening Measures to Prevent Information Leakage

Measures against unauthorized access from outside

Regarding unauthorized access invading from outside, information leakage is prevented by capturing suspicious behavior at three stages, the entrances from the Internet, on corporate networks and the exits to the Internet.
For example, against the targeted attack by e-mail, suspicious e-mails are deleted at the entrances from the Internet. On corporate networks, malicious programs like computer viruses are monitored and deleted. At the exit to the Internet, communication is blocked to prevent information leakage when the partner of communication is found to be a dangerous server.

Measures against internal wrongdoing

The rules for the handling of information in the company are set and informed to the employees of the Brother Group through e-learning, etc. The employees are thus prevented from conducting risky behavior by mistake. If there's any improper behavior, violation of rules is spotted by checking the records of information handling via security tool installed in each PC and reported to the person in charge of the department where the wrongdoing is spotted. In addition, by informing employees of the governance of each PC through this system, wrongdoing is prevented.