Information Security policy

Introduction

Global Switch is a leading owner, operator and developer of large scale, carrier and cloud neutral, multi-customer data centre facilities in Europe and Asia-Pacific. Global Switch’s core offering is technical space with resilient 24 x 7 x 365 power and cooling, security and infrastructure and environmental monitoring for its customers to house their computer servers, network equipment and other IT infrastructure.

Our data centres provide rich, carrier and cloud-neutral ecosystems and offer reliability, security, and flexibility that our customers require to house their IT infrastructure. Global Switch’s Data Centres are exclusively positioned in central, network dense locations in Tier 1 markets.

As we operate globally, we recognise that we are subject to multiple pieces of legislation governing the protection of personally identifiable information and other laws governing the use of computing equipment and information processing.

Global Switch Security

We ensure Global Switch and our customers are protected from all threats to maintain business continuity, minimise damage, and maximize returns and opportunities. The Security Control Committee, including external experts reporting to the Board of Directors, safeguards sensitive information and the security of data centres.

The CEO and Executive of Global Switch prioritise managing information security risk to protect our information assets, customer data, and services in our data centres. We have implemented an Information Security Management System (ISMS) as a framework to mitigate these risks.

The ISMS applies standards and rules to all facilities, services, and information systems, supported by regular internal and external audits. This ensures effectiveness and compliance with ISO/IEC 27001, the international standard for information security management.

Objectives

This policy aims to inform staff, suppliers, contractors, and stakeholders of our commitment to continually improving Information Security performance. Global Switch strives to:

• Set objectives for the ISMS that align with overall business goals and take into account the results of our risk assessment and treatment activities.

• Obtain accredited certification of the ISMS according to ISO 27001 requirements and maintain it continuously.

• Ensure the ISMS consistently reflects the context of the organisation and the needs and expectations of interested parties.

• Ensure compliance with relevant legislation, regulations, and contractual obligations related to information security.

• Ensure the ISMS, information security risks, and controls implemented to manage those risks are dynamic and reflect the evolving threat landscape, the company’s context, and our risk appetite.

• Operate effective access control processes to prevent unauthorised access to company and client information and to our data centres.

• Implement a culture of information security through the provision of cyber and information security training and awareness.

• Maintain Business Continuity arrangements to ensure that information and vital services are available to customers when required.

• Identify, assess, control, and regularly review risks associated with the use of suppliers.

• Standardise HR procedures.

• Maintain and protect information systems and networks against internal and external threats.

• Report, investigate, and address issues within the ISMS and breaches of information security, whether actual or suspected, in a timely manner.

• Ensure the necessary competence to operate, maintain, and improve the ISMS. We aim to regularly enhance our ISMS by establishing processes for ongoing support, periodic review, and continuous improvement of the ISMS framework.

This policy, along with other subsidiary policies focused on specific topics, will be reviewed at least annually to ensure its suitability and to address any changes that may affect the ISMS.

Responsibilities

All Global Switch staff/suppliers/contractors are required to understand and comply with the requirements of this policy to actively contribute towards continually improving Information Security performance within Global Switch.

All staff are responsible for implementing the requirements of this policy to ensure that in doing so they achieve the highest standards of Information Security performance and demonstrate best practices.

 

Ashley Muldoon

Chief Executive Officer,

Global Switch Dated: 1st April 2025