Epson, in a code of conduct called "Principles of Corporate Behavior," states "We protect the safety and security of people and company assets, and we exercise strict care in the management of all information." The company has put in place a system for ensuring the security of employees and visitors. Employees recognize the importance of security and follow good security practices. The company's assets (financial, tangible, intellectual, brand, information, and other assets) are properly managed, and the assets of other parties are respected. Epson strictly controls personal data and confidential information to prevent leaks.
Epson has set forth essential information security principles and rules in a Basic Information Security Policy. The company is building an information security governance framework and fostering a corporate culture that reflects the importance and principles of good information security practices.
Epson’s various business units build and maintain their own information security systems based on Group-wide rules. We assess the systems and controls of each business unit, and we check whether information security risks are being managed effectively. Group-wide rules and policies established by Group companies were overhauled in April 2017 to remind employees about information that needs to be protected and to help ensure that the proper practices are being followed. The senior information security managers of the business units meet regularly to share knowledge and information and to track progress.
In addition, the Seiko Epson Printing Solutions Operations Division and IT Division, along with Epson Avasys Corporation, have earned ISO 27001-compliant Information Security Management System (ISMS) certification. They, along with the rest of the Epson Group, continuously seek to improve the systematic management of information security.
In Japan, Epson has designated July as Information Security Awareness Month. Every year during the month, domestic Epson Group companies conduct special programs to educate employees about information security. In the 2017 and 2016 fiscal years, we used Information Security Awareness Month to remind employees about the importance of information security. Middle managers were given special training, and all personnel, from top executives on down, were required to complete an online learning course about information security. In light of a recent increase in targeted attacks against businesses, Epson conducted drills to teach employees how to respond to a targeted e-mail attack.
Epson conducts information security programs on a global basis. In the 2017 fiscal year the senior information security managers from Epson sites around the world continue meeting regularly to discuss common issues and to increase the information security preparedness of Group companies.
Personal Data Protection
Epson has sought to protect the personal data of customers and employees Group-wide, in order to keep the trust of customers and all the people who provide us with personal data and fulfill our corporate social responsibility. In particular, Products such as Epson’s Pulsense heart rate monitor and M-Tracer for golf come with online services. Since these services contain the personal data of users, Epson conducts annual evaluations such as risk analysis of personal data operations and IT environments based on internal standards of personal data protection, and Epson confirms that personal data is appropriately managed and protected. In addition, Epson Sales Japan Corporation and Epson Direct Corporation maintain PrivacyMark System certification by updating it every two years.
In order to comply with the EU General Data Protection Regulations (GDPR), Epson has also completed revision of work rules/ framework, education for employees, and renovation of IT services.
Intellectual Property Protection
Epson protects the rights to its proprietary technologies so as to support the smooth and ongoing development of its existing businesses and the development and growth of new businesses. These actions ensure that our IP portfolio contributes to corporate earnings. We also respect the rights of others and implement measures to prevent infringement of those rights.
Anti-Counterfeiting Measures around the World
To protect the trusted Epson brand, we actively seek to seize counterfeit goods and other fraudulent articles that infringe the Epson trademark or our other intellectual property rights before they reach consumers.
We have set up anti-counterfeiting centers around the world that are staffed by people who monitor the goods produced and sold by manufacturers and retailers, and especially e-commerce retailers. We fight counterfeiting in a number of ways. For example, we share information with the police and other enforcement authorities to increase raids on counterfeiters. We educate customs officials to better enable them to recognize counterfeits and block their import and export. We also work with e-commerce site operators to halt the sale of imitation goods that violate our rights. The actions we take stop the distribution of counterfeit goods and help reassure consumers that the goods they buy are genuine Epson brand products.