Security, privacy, data policy and open source policy
Being a trustworthy and reliable partner for our owners, customers and service users is important for us. We comply with the laws and regulations on security, privacy, data management and open source code in everything we do. We also aim to be pioneer of good practices and trendsetter for other actors in the field.
Security
We are using best practices and comprehensive security implementation to ensure the security of services, systems and retained data. Security covers the confidentiality, integrity and availability of the protected functions.
We are complying with the security policy approved by our management in all our activities. Our information security management is based on beforehand prediction and planning, ensuring personnel’s competence, and incident management. Foreseeing and planning include identifying and classifying the sites to be protected, recovery and continuity planning, and security contracts. The competence of our personnel is supported with a security training program and up-to-date security instructions.
Our long-term deeds for improving our information security have been awared with recognised security certificates.
Read more about security certificates granted to CSC
CSC’s data centers have been granted an ISO/IEC 27001 certificate for information security management systems. Our ISO/IEC 27001 certified information security management system ensures that our organisation posesses the capacity to manage, control and continuously develop the information security of it’s services and operations. The scope of our ISO 27001 certification currently covers Datacenter Operations, ICT Platforms, IaaS cPouta and ePouta, Long-term Preservation Service PAS as well as Eduuni and Tiimeri collaboration platforms in Espoo and Kajaani. The certification audits has been performed by Kiwa Inspecta Ltd.
Privacy
Data protection refers to a person’s rights to their personal data. Data protection is a fundamental right that belongs to everyone, and appropriate processing of personal data is an essential part of CSC’s operating culture. Data protection at CSC is based on various measures which ensure the appropriate and safe collection, use, storage and deletion of personal data in accordance with the data protection principles. Within the framework of legislation, we ensure that our service users have the right to decide which personal data are collected on them and how their data are processed.
Data policy
Good data management practices are a prerequisite for doing our work and ensuring our customers’ success. The importance of data management is also highlighted in our strategy, as one of our key strategic objectives is ‘Benefits from well-managed data’.
A goal-oriented data policy can bring great benefits to both research and public administration. The cornerstones of data management are the quality, availability, reusability and lifecycle management of data. The reliability and transparency of data management are also important.
In addition to complying with and promoting good data management practices in our daily work, we offer our customers instructions, tools and recommendations for ensuring the quality and reusability of data. Principles laid down in writing lay a foundation for a shared understanding of data management, both internally and with our customers.
Learn more about our data policy
We have published our data policy to highlight the measures we take to enable the availability, usability and preservation of customer data. In addition to our personnel, this policy applies to our customers, subcontractors and visitors and to data owned by both us and our customers. Depending on the service in question, CSC may operate in the role of either a data owner or a data processor.
We are aware of the fact that data types and data management practices vary between different services and customer groups. Different data sets also necessitate a broad range of data management practices and solutions. However, exceptional cases or changes are agreed upon separately in the terms of use and contracts concluded with the customers.
Learn more about our PID policy
CSC is committed to implementing the FAIR principles, according to which information should be Findable, Accessible, Interoperable and Reusable.
Open source software
We want to build a sustainable digital ecosystem based on open source software, open data and open interfaces. We engage in long-term work to promote openness, as openness and the extensive cooperation it enables are the very factor that creates added value for both our customers and our service users.
To facilitate and promote the production and use of open source code, we have published our policy on open source code.
News
Subscribe to our newsletters!
From our newsletters you will get up-to-date information about the services we offer for research and the trainings we provide.