Lemonsoft Data Security

In Finnish

Data security has an important and growing role for Lemonsoft.

Proper management of data security significantly reduces the likelihood of threats materialising.

Our data security objectives are:

  • Data security helps ensure the continuity of Lemonsoft’s business.
  • Data security protects personal data processed in Lemonsoft’s operations.
  • Data security protects your own and your partners’ business secrets to be processed in Lemonsoft’s operations.
  • The management system ensures customer satisfaction and compliance with the requirements in terms of data security.
  • The management system ensures compliance with legal obligations.
  • The management system integrates data security as part of Lemonsoft’s operating culture.

To develop our cybersecurity and respond to new threats, we initiated a project in December 2023 to construct an information security management system in accordance with the ISO/IEC 27001:2022 standard. The project’s goal is to build, implement, and audit the information security management system. The cybersecurity project also covers the obligations of the Cybersecurity Directive (NIS2 Directive).

The management system compliant with the standard (ISO/IEC 27001:2022 section) was pre-audited in May by Second Nature Security, and the decision to implement the information security management system was made in June 2024. The project continues with the deployment of cybersecurity management measures and pre-audit towards certification. The certification target is March 2025, but controls and processes of the management system have already been implemented during the project.

Lemonsoftin Privacy policy Lemonsoftin Data Security Policy

Development project

In the development project, we go through and re-model, for example:

  • Data security policy and operating principles
  • Data classification
  • Risk management
  • Vulnerability management
  • Processing of data security incidents
  • Change management

In addition, we create a cyber threat model that we use in security planning and internal training.

Data security training

Data security training is held regularly for all Lemonsoft personnel and, in addition, tailor-made training is provided for software developers on various software vulnerabilities. The goal is also to go through and re-model the security controls that are distributed according to the standard into:

  • Organisational management tools
  • Personnel management tools
  • Physical management tools
  • Technological management tools

Do you need more information?

Get in touch. We are here to help!

Pasi Hakkarainen

Information Security Manager

pasi.hakkarainen@lemonsoft.fi

Janne Tammi

CTO

janne.tammi@lemonsoft.fi