Asamura Patent Office
Standard Information Security Policy
Asamura Patent Office (hereinafter referred to as “the Company”) is committed to protect its information assets from threats such as accidents, disasters, and crimes, and follow the policies outlined below to justify the trust of our clients and society as a whole:
1. Management’s responsibility
The firm will make systematic and continuous efforts to improve and enhance information security under the leadership of our management.
2. Establishment of internal systems
The Company will establish and maintain an in-house team and official rules for storing, organizing and handling of information.
3. Employee involvement
All employees will acquire the knowledge and skills required for information handling to ensure their commitment to our policies.
4. Compliance with legal and contractual requirements
To meet the expectations of our clients, the Company will comply with all applicable laws, regulations, and contractual obligations related to information security.
5. Response to violations and accidents
In the event of an accident or violation of information security laws, regulations, or contractual obligations, the Company will take appropriate measures to prevent recurrence.
The policy is in effect since June 8, 2021
Asamura Patent Office
Managing Partner: Ken Kanai
Asamura Security Policy
Part 1 Standard Measures
1. The OS and any software of PCs and smartphones are kept up to date.
2. Anti-virus software is installed on all PCs and smartphones and virus definition files (database files used to detect computer viruses) are kept up to date.
3. When sending files electronically, long and complex passwords that are difficult to break are automatically set in the system.
4. Appropriate access restrictions are in place for critical information (i.e., information that is necessary for business and valuable to the organization, such as trade secrets, or personal information of customers and employees).
5. A system is in place to learn about new threats and attack methods and share countermeasures within the office.
Part 2 Countermeasures to be taken by employees
6. We have installed special software to take all possible measures to prevent virus infection via e-mail attachments and URL links in the text.
7. To prevent mistakes in sending e-mails to the wrong address, we have installed a transmission checker.
8. Important information is never written in the body of e-mails but is stored in attached files and protected by passwords.
9. To ensure the safety of our wireless LAN, we have set up an appropriate encryption method.
10. We have installed powerful security software to prevent virus infection via the Internet and posting on social networking sites.
11. We have backups of important information in case it is lost due to virus infection, malfunction, or mishandling of computers or servers.
12. To prevent loss or theft, documents and electronic media containing important information are never left on desks and instead stored safely in store rooms.
13. When taking documents or electronic media containing important information out of the office, we take measures to prevent theft or loss.
14. We prevent employees from looking at the computer screen or operating the computer without permission when away from the desk.
15. We have installed an entry/exit system that restricts access to the office to those who are not in possession of a special security card.
16. We take measures to prevent theft by locking and storing laptop computers and equipment when leaving the office.
17. Strong security measures are in place to ensure that the office is locked and motion sensors are activated when it is unoccupied.
18. Documents containing important information are dissolved, important data is erased by overwriting symbols, and media containing important information is destroyed.
Part 3 Measures taken by the office
19. Employees understand the confidentiality guidelines and thoroughly enforce the rule of not leaking information obtained in the course of work to outside parties.
20. Information on office security is provided to employees.
21. Security measures for the use of personally owned information equipment for business purposes are clearly defined.
22. Confidentiality clauses are stipulated in contracts with business partners involving the transfer of important information.
23. External services used for cloud and website operations are selected based on their safety and reliability.
24. We prepare for security incidents by establishing emergency systems and response procedures.
25. Information security measures are set as rules and clearly explained to employees.