This responsibility belongs to every single one of us, to protect not just business interests, but the trust placed in us by customers, partners, and stakeholders around the world.
During your career at ST, you will receive, be exposed to, access or handle confidential, personal, and other Proprietary information about ST, its clients, business partners, and other employees. Your duty in every case? Loyalty and confidentiality. You must always protect such information. Even after your contract with ST ends.
How can you make sure you’re taking the right measures? You’ll find tips and best practices in the DOs/DON’Ts section. But here is an example. In matters of cybersecurity you need to:
- Choose strong passwords and protect them;
- Enable two-factor authentication;
- Use only authorized tools;
- Lock screens when you leave your workstation unattended.
What does it mean?
Our most valuable assets encompass:
- Data and information that are ST’s Proprietary information, which may be restricted, confidential or secret.
- Physical assets such as servers, computers and Company phones.
- Business-critical systems and infrastructure upon which business-critical systems operate.
Each of these plays a crucial role in our continued success and must be protected accordingly.
Unauthorized disclosure or theft of assets poses severe risks to our success. Beyond immediate financial losses, such incidents:
- Compromise competitive position;
- Damage our business relationships;
- Threaten long-term growth opportunities.
Every breach undermines the trust that our stakeholders have invested in us, creating lasting damage that extends far beyond financial impact.
Our Do’s
- We use ST’s assets and information responsibly, only for legitimate business purposes.
- We report any suspicious activities or potential security breaches (including loss or theft of any equipment).
- We define and implement measures to protect digital assets and information from cyber threats that need to be followed by all employees.
- We provide employees with information on best practices, processes, and cyber threat detection.
- We remain vigilant against cyber threats, including phishing attacks, malware, ransomware, data breaches, and social engineering attempts.
Our Don’ts
- We never store ST documents on personal devices or personal on-line solutions, but keep them on Company solutions or storage devices.
- We never leave our laptops or phones unattended in any public space or means of transportation (restaurants, airports, planes, stations, trains, etc.).
- We don’t share confidential and other Proprietary information unless necessary, and operate strictly on a need-to-know basis.
- We don’t keep confidential and other Proprietary documents when they are no longer needed: we shred them and keep our desks free of sensitive documents at all times.
Protecting assets and confidential information
in practice
Because real life is rarely as clear-cut as theory, here are the answers to a few questions you might have
I need to make a quick 5-minute stop to pick up some essentials and have my ST PC laptop with me. I’m considering leaving it in my car during this brief stop. Is this a safe decision?
No, never leave your ST PC in your car (or any other devices provided by ST), even for 5 minutes. Leaving it unattended, even for that short time, poses a significant risk of theft or unauthorized access. Take your ST device with you to make sure it remains secure. Always prioritize the security of Company assets and confidential information.
I’d like to make a backup of Company documents stored on my ST PC, by copying them on my personal Google Drive or any other web-based solution using my personal account.
Never copy any Company information on personal online solutions. There is no need to backup the data on your ST PC, as they are either stored on shared Company repositories (such as O365 Teams).