At SESTEK, we value our relationships with our customers, government agencies, and partners with whom we collaborate in our activities. The continuity of the services we provide, the confidentiality of the information we hold, and the integrity and accessibility of our customers' or our own information assets are of the utmost importance. With the support of all our personnel, we aim to further improve our processes in this context and internalize a culture of information security in line with the following elements.
- We aim to document, certify, and continuously improve the requirements of the ISO 27001:2022 standard for our information security management system, the ISO/IEC 27017:2021 standard in the context of cloud services, and the ISO/IEC 27018:2020 standard on the protection of personal data in cloud environments, both as a cloud service customer and as a cloud service provider, and to ensure that they are documented, certified, and continuously improved.
- Continuously review our risks, both in our internal systems and in the cloud service environments we provide or use and implement appropriate controls for those above an acceptable level.
- To carry out work to ensure that personal data belonging to individuals, excluding commercial information belonging to legal entities, is protected in accordance with national and international regulations, with confidentiality, integrity, and accessibility guaranteed, particularly in the processing and storage of such data in cloud services
- To increase our employees' awareness of information security, cloud security, and personal data protection
- To comply with national or sectoral regulations, legal and relevant legislation requirements; to fulfill obligations arising from agreements; to ensure information security, cloud security, and personal data protection requirements arising from corporate responsibilities towards internal and external stakeholders,
- To have the competence to respond quickly to information security and personal data breaches from both the user and provider perspectives and minimize the impact of such incidents,
- To enhance our corporate reputation; to protect both our customers and the providers we work with from negative impacts related to information security and personal data,
- We are committed to working diligently to become a leading organization in the industry in terms of information security, cloud security, and personal data protection.
