Grupo Costa Networks, specialised in telecommunications and technology, has implemented an Information Security Management System (ISMS) based on the ISO/IEC 27001:2022 standard, with the aim of preserving the confidentiality, integrity and availability of information.
Business lines
- Virtual Voz (Telecommunications): virtual PBX, contact center, WhatsApp Business and mobile telephony (Movistar MVNO).
- CN Gestión (ERP and Consulting): Odoo consulting and implementation, custom module development and SaaS on our own cloud infrastructure.
Security objectives
- Protect personal data and individuals' privacy.
- Safeguard the organisation's records.
- Protect intellectual property rights.
- Document the information security policy.
- Assign security responsibilities.
- Provide training and awareness in information security.
- Record security incidents.
- Manage business continuity.
- Manage security-related changes.
Management commitments
- Develop products and services compliant with the legislative requirements applicable to the ISMS scope.
- Establish and meet contractual requirements with interested parties.
- Provide the necessary training in security matters.
- Prevent and detect malware through specific policies and agreements with specialised organisations.
- Manage business continuity in accordance with recognised methodologies.
- Establish consequences for violations of this policy, reflected in contracts.
- Act at all times within the strictest professional ethics.
Frame of reference
This Policy constitutes the frame of reference for the continual improvement of the ISMS. It is communicated to the entire organisation and made available to interested parties, and is reviewed periodically to ensure its suitability.