Corporate Security Policy

BEL INFORMATION SYSTEMS conducts its activities in order to serve the needs and expectations of its customers in the most effective and secure way complying with all applicable standards, laws and regulations.

The activities of BEL INFORMATION SYSTEMS are as follows:

  • Software development
  • Technical support
  • Trading of IT and Telecommunications equipment
  • Representation of software companies
  • Design, study, installation and support of IT projects

Physical security of facilities, staff, documents, software and sensitive materials is ensured by the company in accordance with relevant policies and procedures.

The managers of the Departments are responsible for the proper training of the staff in order to be able to safely and efficiently use the assets of the company available to them for the performance of their work.

Risk assessment is a repetitive effort and takes into account the contribution of each element to the company’s mission, weaknesses, risks, impacts, single points of failure, method of quantifying and evaluating risks, to reduce impacts through the application of controls.

Specifications for the supply of new or extending existing systems also include security requirements depending on their mission.

Access to the corporate network, as well as to the devices connected to it, is controlled.  Access to project software development systems is provided by authorized staff working on the project.

A centrally controlled system protects the corporate network from known or unknown malware. Files that contain security features against malware are updated automatically. The system protects servers, workstations, and remote computers, among others. A centrally controlled system protects the internal network from the Internet. The company has a Business Continuity Plan and maintains its relevance.

The Information Security Management System (ISMS) of BEL INFORMATION SYSTEMS complies with all applicable requirements of ISO 27001: 2013 and the company is committed to pursuing continuous improvement of its ISMS.

This policy is reviewed periodically for its relevance and is available to all internal and external interested parties as appropriate.