dcsimg

Your browser version is not updated, please update it.

IT security With a view to safeguarding business and achieving strategic and operational objectives, the Group considers it strategically important to guarantee the protection of the information assets of the Company, and of its customers and other stakeholders, and to ensure the security of transactions.

With a view to safeguarding business and achieving strategic and operational objectives, the Group considers it strategically important to guarantee the protection of the information assets of the Company, and of its customers and other stakeholders, and to ensure the security of transactions.

As evidence of the specific attention paid to this issue, the Group’s objective is to pursue ongoing research and subsequent dissemination of advanced technological solutions in order to address IT risks and promote technological innovation. Ensuring adequate levels of confidentiality, integrity and availability of data, information and services provided to customers requires increasingly advanced protection systems to safeguard personal data, tangible and intangible assets and intellectual property. Consequently, in line with business needs, Poste Italiane has developed and adopted a specific IT security framework that, starting from the objectives defined in the IT Security Policy, provides specific methodologies regarding the IT risk analysis, cross-cutting interventions and technological projects needed to ensure the proper functioning of the security platforms, “Security by Design” activities and cross-cutting security technological infrastructures. The framework is completed by integrated management of information flows deriving from the various IT security structures and an Integrated Management System for IT Quality and Security that incorporates the aspects highlighted by international standards and postal sector benchmarks.

Thanks to the innovative processes and strategic partnerships put in place by the Group, in 2018 47% fewer IT security breaches and cyber security incidents were registered (around 16) compared with around 30 in 2017.
 
Poste Italiane’s main projects within this area are “Personal data protection” and “The Computer Emergency Response Team (CERT) and business continuity”, which are detailed below.
 
  • Personal data protection. With a view to achieving uniform management of personal data and compliance with recent regulatory requirements in this regard, the Group has adopted a corporate regulatory system consisting of the Privacy Guidelines, to ensure that management complies with legal provisions, and the Personal Data Protection Management System Guidelines, designed to ensure a uniform personal data management system at Group level, which complies with the provisions of the European General Data Protection Regulation (GDPR) and current Italian legislation.
  • The Computer Emergency Response Team (CERT) and business continuity. In order to ensure that cyber security and data protection activities are monitored at Group level, as early as 2013 the Company created the Computer Emergency Response Team (CERT), consisting of a team of IT security experts. Specifically, CERT deals with prevention, analysis and protection from cyber threats, in order to increase the Company’s defence capabilities and awareness, to promote and disseminate knowledge and awareness of cyber security at national level. With a view to sharing and exchanging knowledge in the field of cyber security, CERT has the task of coordinating all activities in response to computer emergencies and maintaining relations with other public and private institutions in order to protect its own computer networks and those of the national system.

© Poste Italiane 2019 - VAT registration number: 01114601006

vai a inizio pagina