IT Security

Unique is committed in its dedication to the ongoing improvement of our Information Security Management System (ISMS) and Quality Management System (QMS), proactively adapting to evolving circumstances. This commitment guarantees robust protection for our customers' sensitive information. Furthermore, it significantly reduces Unique's risk exposure. Through obtaining external certifications, we bolster trust in our brand and product offerings. This enables our partners and customers to efficiently validate the secure and responsible management of their data.

Protection principle  

Confidentiality, availability, and integrity of information must be ensured according to the requirements defined by the customers. 

Responsibility  

All users of ICT services and processes are responsible for security. The requirements for protection are defined by the information owner.  

Access  

The principle of "need-to-know" and “least privilege” applies. Each user may only have access to the data that they need to fulfill their respective tasks. 

Documentation 

All security requirements and measures as well as any deviations from them must be documented. 

Awareness 

Every Unique employee must be aware of the risks associated with the use of information technology and be informed accordingly. 

Privacy 

When collecting and processing information, the necessary protection must be considered to maintain data privacy. In particular, the legal requirements in this regard must be complied with. 

Management of company assets 

The company assets (information, infrastructure, applications, etc.) must be identified and documented. Special attention must be paid to the protection of information assets, which is determined based on the classification concept by the data owner.  

ICT Continuity planning 

Recovery plans and processes must be in place for the critical applications and tested regularly to ensure they are up to date and fit for purpose.  

Risk Management 

ICT security is based on a Risk-based approach at Unique that is tailored to the needs of the business processes. A process-oriented ICT security management system regularly identifies deviations and violations of the guidelines. For this purpose, suitable metrics are defined to report on the effectiveness of the measures. 

Success control and continuous improvement 

The effectiveness of the measures implemented is checked using suitable metrics and continuously improved as required in accordance with the Deming cycle (plan-do-check-act).  

The entire life cycle of the information must be considered, from creation, processing, storage, transmission, archiving, and deletion to disposal/destruction.  

Security moments 

Sharing good or bad experiences with security and data protection in the daily huddle of Unique, that employees have learned or seen which relates to security. There is also an open special interest group (SIG) to share and communicate in case of security-relevant topics.