As a technology/SaaS platform, data security is a priority function for Byggfakta Group. All Byggfakta Group business units have a risk mitigation outlook towards IT and information security.

Data security

Byggfakta Group has clear information security and IT policies. With a predominantly technology/ SaaS-based business model, how we manage the data of third parties (including customers), but also our own data and resources, is vital to the protection of all stakeholders and the success of the company.

We operate a decentralized IT organization. However, there are IT guidelines and instructions at group level that steer the work to meet the goals of the organization as a whole. Where possible, we synergize our IT structure to most efficiently manage the large-scale operations of the group. Our group IT policy has a clear reporting structure and methodology for mitigating risk and running an effective IT operation.

Information security

The group also has its own information security policy, which is of vital importance to the running of the business. Our policies are reviewed annually, or sooner if any breach of policy or security is discovered. The information security policy also provides a clear matrix of responsibility in respect to managing information security.

It is crucial to protect information at a sufficient level, based on:

  • Secrecy: information is not made available or revealed to unauthorized people.
  • Correctness: information is correct, current and complete.
  • Accessibility: information is accessible and useful for authorized people.
  • Traceability: change end events in information processing can be traced.

Information security is divided into two areas: administrative security and technical security. Administrative security includes organization, steering, roles and responsibilities like regulations and processes. Technical security, also called IT security or cyber security, includes network, servers, workstations, hardware, software, data centres, backups, etc. Byggfakta Group’s IT and information security policies meet all legal requirements, and in many cases are even more stringent. For example, our business unit NBS has achieved ‘Cyber Essentials Plus’ accreditation, a UK Government certification scheme, with standards designed to prevent, and protect businesses from, cyberattacks. All Byggfakta Group business units have a risk mitigation outlook towards IT and information security.

Byggfakta Group’s data security policies can be found here: