INTER PARFUMS INC - (IPAR)
10-K Filing Date: February 27, 2024
Cybersecurity for our Company is conducted by our United States based operations and European based operations. For our United States based operations, our Information Technology department (“ITUS”) in New York, New York is in charge of our cybersecurity for offices in the United States, Italy, and other remote locations. For our European based operations, our Information Technology department (“ITEU”) in Paris, France is in charge of our cybersecurity for offices in France, and other remote locations. Each of ITUS and ITEU report to their respective segment Chief Executive Officers, Messrs. Madar for ITUS and Benacin for ITEU, who are also directors of our Company. Any material issues of cybersecurity would then be reported to our board of directors. As of the date of this report, we have not had any material cybersecurity incidents.
Both departments have established strict security rules for infrastructure, application and limitations on access rights. New employees are instructed on aspects of cybersecurity, and reminders for safe internet access are periodically sent. Access to our networks for former employees and contractors is immediately revoked upon severance of association, and any hardware such as laptops, company phones, access keys are returned. Each department has also installed equipment and tools to protect and update against the risks of intrusions, cyberattacks, and system obsolescence. Various applications and methods to manage our cybersecurity include, but not limited to, use of EDI (electronic digital interface) for receiving orders, fire walls, virtual private network, antivirus software, encryption, and requiring two factor authentication for remote access after business hours. Redundancy is important as data is routinely backed up daily.
In addition, Interparfums SA has adopted an IT Charter that defines the rights and obligations of employees and users of their information system, to ensure that the information technology resources are used in a secure environment complying with the procedures of internal control, and regularly performs penetration testing. Beginning in January 2024, Interparfums SA commenced enrolling all employees of Interparfums SA in cybersecurity training. United States based operations provides specific user IDs, and employees are instructed to set up passwords that are not easy to guess, keep passwords confidential, and immediately change such employee’s password if such employee believes it has been compromised. All desktop and laptop computers must be password protected and must be changed every 90 days. In addition, employees must not knowingly input erroneous, fraudulent, fictitious or otherwise inappropriate data into any application/system and report any suspicious activity to ITUS. Company employees are prohibited from downloading any files or software for personal use, and not create any independent data connections from Company offices that attempt to sidestep the Company’s network security policy or mechanisms.
Neither United States based operations nor European based operations sells directly to retail consumers, which diminishes to some degree, but does not preclude, the likelihood of third party access to our data.
45