Information Security

Our security policies provide an essential framework for protecting information and managing access within our organisation. Key areas covered include access control, acceptable system use, data classification, incident response, and overall information security management.

Our approach to organisational security focuses on people, processes, and technology. This includes employee screening, security awareness training, access and asset management, a clear code of conduct, and structured incident response procedures – all integrated to protect our information and maintain compliance across the organisation.

Our risk management practices systematically identify and address risks that we are exposed to. Through regular risk assessments, reporting, and proactive mitigation strategies, we maintain visibility and control over risks, ensuring they remain within the limits defined by our governance framework.

Our infrastructure security measures protect our network and systems from unauthorised access, data breaches, and operational disruptions. Through techniques like network segmentation, vulnerability management, encrypted remote access, proactive monitoring, and regular backups, we maintain a secure and resilient technology environment.

Our endpoint security strategy ensures all RIPE NCC devices and mobile endpoints are protected against unauthorised access, data loss, and malicious activity. By implementing full disk encryption, advanced endpoint detection and response (EDR) solutions, and rigorous mobile device management (MDM) controls, we mitigate risks associated with device theft, loss, or compromise.