news
On Guard of Information Security
In connection with the publication in Telegram-channel @RiskTakersKZ with reference to the Kedentransservice joint stock company (hereinafter — the Company) that it is possible that the employees of the Company use Trello software (cloud solution) as part of the management of their own IT projects. These assumptions are erroneous and do not reflect reality. It should be noted that the Company and Bolashak Engineering LLP (hereinafter — the Supplier) have concluded contracts for the provision of support services and modifications to the “Perevozki” information and accounting system. As it has been known, in the process of the services provision, the Supplier used Trello software as a project management system for the purposes of management and operative tracking of the Company’s incoming requests status. In this connection, the Supplier created a “kanban board” in Trello – “Development of KDTS Information System”. Cards (tags) placed on the “kanban board” are only the names of processes describing the tasks performed by the Supplier’s specialists and do not contain information that constitutes official, financial or commercial secret of the Company or its contractors.
The Company’s specialists took operative measures within information security for unauthorized access to the Company’s information resources and disclosure of confidential information. No relevant facts were revealed as a result of the measures.
The Company is one of the leading operators of logistic terminals in the Republic of Kazakhstan and has unique assets and competence in the field of terminal cargo handling in the regions and transshipment of cargo imported from China at Dostyk and Altynkol stations. The Company has an Information Technology Development Policy, and takes measures to comply with the current Information Security Policy and prevent dissemination of inaccurate information damaging the Company’s reputation.
At the same time, the Company adheres to the principle of “zero” tolerance to any risks, which may occur as a result of uncoordinated actions of the Company’s employees and third parties and lead to disclosure of confidential information with damage to the Company. In this regard, the Company, in accordance with the established procedure, will analyze the risks related to threat of use of open resources by the Supplier and take strict measures in case of determining the responsibility.