Security

Security Policy

HeadFirst Group is a leading, international full-service HR services provider. It also has the largest platform for temporary work for professionals, offering total talent solutions with a perfect combination of tech and touch. To achieve this, it is essential that the security of the platform and IT infrastructure is and remains secured. It is in the interest of HeadFirst Group's stakeholders that this is done with the utmost care.

To achieve this, the HeadFirst Group board maintains and improves a management process (Information Security Management System, ISMS) in accordance with ISO27001.

This enables HeadFirst Group to:

  • Securing and standardizing information security in primary - and secondary processes;
  • Provide testable assurance of our information security to clients and partners;
  • Continuously improve our information security;
  • Mitigate critical - and high risks regarding the loss of availability, confidentiality and/or integrity of information;
  • Mitigate mean risks related to the loss of availability, confidentiality and/or integrity of information where these contribute to the achievement of HeadFirst Group objectives.

To accomplish the above, the Board of HeadFirst Group will:

1. Be the example in ensuring information security;

2. Review this policy every two years or immediately if there are major changes;

3. Perform (or have performed) the other responsibilities from the ISMS.

For the board, management and employees of HeadFirst Group apply at least 1 the following rules of conduct:

Report security incidents and weaknesses immediately to the security officer at security@headfirst.nl;

  • Keep software up-to-date at your workplace;
  • Lock your laptop when leaving your workplace;
  • Adhere to clean desk rules for internal and confidential information;
  • Do not leave company assets (such as laptop, smartphone, etc.) in your car;
  • Use MFA (password and code) and use strong passwords;
  • Pay attention to suspicious emails and never automatically click on links;
  • Use only secure websites (the green lock in the address bar);
  • Never share passwords with others and only store them in your digital HeadFirst safe;
  • Store HeadFirst Group information only on the server, not on your local workstation/mobile device;
  • Do not distribute internal or confidential information to unauthorized persons;
  • Supervise guests and ensure doors are closed and locked;
  • Always ask two control questions to verify that you have the right person on the line.

Apply the above rules even when working at home or on location with customers and talk to each other about following these rules.

1 All information security rules are described in the security handbook, if you have any questions please contact the security officer.