Case study: How Axis protects customer privacy
As an industry leader in network video with a global market presence, offering products and services for video surveillance, access control and audio systems, as well as video analytics, distributed across the globe through a broad network of partners and its own global operations, Axis constantly works and invests in different measures to achieve the best possible security in its products and solutions, safeguarding customers’ privacy.
This case study is based on the 2017 Annual and Sustainability Report by Axis published on the Global Reporting Initiative Sustainability Disclosure Database that can be found at this link. Through all case studies we aim to demonstrate what CSR/ ESG/ sustainability reporting done responsibly means. Essentially, it means: a) identifying a company’s most important impacts on the environment, economy and society, and b) measuring, managing and changing.
Abstract
For Axis and its partners it is extremely important that customer privacy is handled properly Tweet This!, ensuring effective security with the aim of protecting customer information. In order to protect customer privacy Axis took action to:
- focus on IT security
- work preventively to protect customer information
- provide training
- deal with vulnerabilities and incidents
Subscribe for free and read the rest of this case study
Please subscribe to the SustainCase Newsletter to keep up to date with the latest sustainability news and gain access to over 2000 case studies. These case studies demonstrate how companies are dealing responsibly with their most important impacts, building trust with their stakeholders (Identify > Measure > Manage > Change).
With this case study you will see:
- Which are the most important impacts (material issues) Axis has identified;
- How Axis proceeded with stakeholder engagement, and
- What actions were taken by Axis to protect customer privacy
Already Subscribed? Type your email below and click submit
What are the material issues the company has identified?
In its 2017 Annual and Sustainability Report Axis identified a range of material issues, such as customer satisfaction, anti-corruption, carbon footprint, occupational health and safety, human rights and working conditions in the supply chain. Among these, protecting customer privacy stands out as a key material issue for Axis.
Stakeholder engagement in accordance with the GRI Standards
The Global Reporting Initiative (GRI) defines the Principle of Stakeholder Inclusiveness when identifying material issues (or a company’s most important impacts) as follows:
Stakeholders must be consulted in the process of identifying a company’s most important impacts and their reasonable expectations and interests must be taken into account. This is an important cornerstone for CSR / sustainability reporting done responsibly.
Key stakeholder groups Axis engages with:
Stakeholder Group | Method of engagement |
Employees
| · Web survey with all employees in companies acquired in 2016 · Employee survey · Performance reviews · Continual dialogue with trade unions · In-depth interviews about Axis’ sustainability work · Intranet, meetings etc. |
Distributors and partners
| · Web-based survey with distributors and partners in all regions where Axis has operations · Training · Webinars · events · In-depth interview about Axis’ sustainability work · Newsletters etc. |
End customers
| · Continuous evaluations · Newsletters |
Suppliers
| · In-depth interviews about Axis’ sustainability work · Training · Webinars · Supplier audits |
Investors and owners
| · Meetings · Board meetings · Interim reports · Annual report · Annual general meeting · Interview about Axis’ sustainability work |
Society
| · In-depth interviews about Axis’ sustainability work with representatives from local authorities and trade associations · Membership of local and international trade associations · Collaboration with universities · Trade exhibitions and other activities for students |
How stakeholder engagement was made to identify material issues
To identify and prioritise material topics Axis engaged with its stakeholders through a web survey, in-depth interviews and further dialogues in the form of employee surveys, satisfaction surveys, customer meetings, discussions and various types of collaboration.
What actions were taken by Axis to protect customer privacy?
In its 2017 Annual and Sustainability Report Axis reports that it took the following actions for protecting customer privacy:
- Focusing on IT security
- Axis has further increased its focus on IT security and works on this issue both internally and externally. Questions regarding IT security have also gained a more prominent role in Axis’ dialogue with distributors and partners. Additionally, Axis has started work on becoming certified according to the ISO27001 information security standard.
- Working preventively to protect customer information
- Axis works preventively and tries to eliminate all types of vulnerability before an incident is likely to occur, regardless of whether it concerns the vulnerability of an individual camera or of a larger solution. Accordingly, Axis carries out regular checks and evaluations to make sure customer information is handled and stored securely, and works continually to further improve security. Additionally, Axis’ research and development department attaches the highest priority to security and makes every effort to ensure software and interfaces are robust, with a high level of safety. Axis’ products and solutions support encryption and IP address filtering, and enable user authorisation protection and multi-stage logins.
- Providing training
- Axis trains its partners through seminars and workshops, and has additionally produced instructional materials. Axis also offers targeted training to its installers, to make sure video surveillance system installations are as safe as possible. In addition, at Axis’ partner meetings, questions about customer privacy and IT security in Axis’ products are continually discussed.
- Dealing with vulnerabilities and incidents
- Axis deals immediately with questions relating to customer privacy and personal integrity, and takes them extremely seriously. During 2017 Axis published six security bulletins, owing to the detection of vulnerabilities that had an impact on various products and solutions. Such publications, along with software updates to correct the problem, occur immediately when Axis discovers vulnerabilities.
Which GRI Standards and corresponding Sustainable Development Goals (SDGs) have been addressed?
The GRI Standard addressed in this case is:
Disclosure 418-1 Substantiated complaints concerning breaches of customer privacy and losses of customer data corresponds to:
- Sustainable Development Goal (SDG) 16: Promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels
- Business theme: Compliance with laws and regulations, Protection of privacy
78% of the world’s 250 largest companies report in accordance with the GRI Standards
SustainCase was primarily created to demonstrate, through case studies, the importance of dealing with a company’s most important impacts in a structured way, with use of the GRI Standards. To show how today’s best-run companies are achieving economic, social and environmental success – and how you can too.
Research by well-recognised institutions is clearly proving that responsible companies can look to the future with optimism.
7 GRI sustainability disclosures get you started
Any size business can start taking sustainability action
GRI, IEMA, CPD Certified Sustainability courses (2-5 days): Live Online or Classroom (venue: London School of Economics)
- Exclusive FBRH template to begin reporting from day one
- Identify your most important impacts on the Environment, Economy and People
- Formulate in group exercises your plan for action. Begin taking solid, focused, all-round sustainability action ASAP.
- Benchmarking methodology to set you on a path of continuous improvement
References:
1) This case study is based on published information by Axis, located at the link below. For the sake of readability, we did not use brackets or ellipses. However, we made sure that the extra or missing words did not change the report’s meaning. If you would like to quote these written sources from the original, please revert to the original on the Global Reporting Initiative’s Sustainability Disclosure Database at the link:
http://database.globalreporting.org/
2) https://www.globalreporting.org/standards/gri-standards-download-center/
Note to Axis: With each case study we send out an email requesting a comment on this case study. If you have not received such an email please contact us.