The OKI Group's Efforts for Information Security

As the use of information technology is indispensable for any company to improve its productivity and develop new services, information security is one of the most important issues in today's business environment.

The OKI Group, as a leader in the information society, has been long committed to the promotion of information security, and offered its customers various security products and services. It has also made various efforts to enhance its own information security to make customers feel assured to use its products and services. For example, we have implemented our security measures from three perspectives as shown in the following diagram since the enactment of the OKI Group Security Policy in fiscal 2002 while obtaining ISMS(*1) certification.

Furthermore, the OKI Group established the Information Security Committee in fiscal 2007 in order to strengthen measures against information leaks. Since then, each business unit of the group has designed its measures to promote information security under the supervision of the committee.

The secretariat of the Information Security Committee conducts on-site monitoring to check how each business unit has implemented its measures. In fiscal 2010, four business units were monitored.

• *1:ISMS

  Information Security Management System

Information Security Systems Based on Three Perspectives

Top of this page

Instilling Strong Security Awareness

Believing that information security is ultimately ensured by individual employees with strong security awareness, the OKI Group puts greatest importance on building a system that encourages its employees to observe security-related rules.

More specifically, we provide group training programs and e-learning programs to all employees using the information infrastructure of the OKI Group in order to increase and instill security awareness. The contents of these programs are reviewed and revised every year.

In fiscal 2010, we revised the curriculum of a group training program designed for the people in charge of information security at each business unit of OKI and each member company of the group, and provided a re-education program at OKI's all business units and all member companies in Japan.

The revised curriculum focused on the improvement of security awareness through case studies and accident information. It also contained appropriate responses to security accidents.

The OKI Group's e-learning program includes an e-learning course on mobile PCs. People desiring to use their mobile PCs are required to apply for a permit to use them and attend the course at the beginning of each fiscal year. The program also includes a course on information security to be attended by all employees of the OKI Group every autumn. In fiscal 2010, the course was provided in October and attended by almost all employees.

We also conducts an information security general checkup of all employees including temporary staff every October during the OKI Disaster Prevention Week. In fiscal 2010, we reexamined the items to be checked and made them more specific based on recent cases of computer virus infection in order to avoid any misunderstanding and improve security awareness.

Since the development of web services always entails new types of network threats, we need to provide educational programs meeting the current needs of information security.

The OKI Group will continue to improve the quality of information security by reexamining and revising the contents of its education programs on a regular basis.