Environmental | Social | Governance
IT Jacob Brønnum-Schou , adding : " It is important that the use of our platforms is in line with our policies and obligations under , for example , the GDPR . The blueprint has to be in order , so to speak ."
Being a law firm , we are helped along by our " confidentiality gene ", which ensures that data are stored in the right places with the proper access rights , and of course we have clear policies and rules governing our handling of data and IT security . The common denominator for all of our IT solutions is that the security network is the same and managed from a central location in the " cloud ". If a contemplated IT system does not come with security built in and cannot " communicate " with our existing security , then we do not want the system – this is called Security By Design .
With the help of the cloud , we ensure instant , automated protection against threats . And to identify threats , we use technologies with large sets of connected data in Microsoft Intelligent Security AI ( Artificial Intelligence ), based on advanced machine learning models . With the support of cloud protection , we can deliver accurate and intelligent real-time protection . If a PC is hit by malicious activity while we sleep , it switches off automatically to avoid infecting the rest of our IT landscape . And if an employee is travelling abroad , the PC will check the location and may request multi-factor authentication .
Security was also one of the main focus areas of Kromann Reumert ' s advisory services in 2022 . Read more about our cybersecurity advice on page 28 .
External audit of our cybersecurity We take the protection of our data and our clients ' data seriously . Therefore we " stress test " our security twice a year . We do that by inviting a " white hacker " – the closest thing to a true ethical hacker – to visit us .
The hacker legitimately uses his skills to test and challenge our security system and to troubleshoot and constantly fix problems together with our IT department . We use a white hacker as an indirect defence against other , more malicious hackers .
IT security audit opinion In 2022 , we arranged an inspection of our IT security and our procedure for dealing with a personal data breach . In January 2023 , we received from PwC an audit opinion on several checkpoints – the opinion was prepared in accordance with the ISAE 3000 standard . We can therefore in future present an audit opinion in connection with tenders and our clients ' compliance reviews where the documentation requirements for IT security , among other things , are getting more and more stringent .
Jacob Brønnum-Schou Dir . + 45 70 12 12 11 jbs @ kromannreumert . com
57