ES
Information security management

 

Cellnex has a security information policy that reflects the company's commitment in this area, the necessary steps to be taken to identify and protect information assets, as well as to ensure compliance with applicable rules and regulations. Likewise, since 2015 the company has had an Information Security Management System based on ISO standard 27001.

An information map has been prepared under this Management System, from which risks have been identified and evaluated, to apply mitigation measures in terms of confidentiality, integrity and availability of information.

With regard to the personal data managed by the company, including customer data, Cellnex applies the European General Data Protection Regulation, or GDPR. Specific analyses of customer data applications are performed, along with security measures for each of these applications, on the basis of risks identified, based on the three dimensions mentioned above: confidentiality, integrity and availability of information.

During 2017, Cellnex continued to make progress in this area, launching new projects: 

  • Implementing mitigation measures for risks in terms of confidentiality, integrity and availability of information, as a result of the risk map prepared in 2016 under the Leaks Prevention Plan.
  • Preparation of a Master Plan for Information Security based on nine Security programmes implemented in 2017.
  • Drawing up of a specific analysis of the applications for customers and application of security measures in each of these, according to the risks identified in terms of confidentiality, integrity and availability of information.
  • Carrying out awareness campaigns directed to all Cellnex employees and specifically to Senior Managers, to reinforce messages of good information security practices.

In this regard, in 2017 there was no filtering, theft or loss of information in Spain or Italy, nor were any complaints received in relation to information security and data protection. For Cellnex Italy, as an improvement in this field of activity, legal clauses on privacy and data protection were added in each contract.

 

GRI: management approach for customer privacy (103-1, 103-2, 103-3, 418-1)

Environment Bases for the preparation of the report
Download Download as PDF
Integrated Report 2017 PDF | 9,5 MB
Download Centre
Other documents
Financial Statements PDF | 1,3
AGR PDF | 0,4
Services

Utilizamos cookies propias y de terceros para mejorar nuestros servicios y mostrarle publicidad relacionada con sus preferencias mediante el análisis de sus hábitos de navegación. Si continúa navegando, consideramos que acepta su uso. Puede obtener más información, o bien conocer cómo cambiar la configuración en nuestra Cookies policy. Aceptar