Information Security

Security of Information

Security of the information

Organizations of any type or sector face risks from a wide variety of threats that can significantly affect the information and its processing, storage and transmission resources. In these circumstances, organizations experience the need to establish appropriate strategies and controls that guarantee a secure management of the processes, giving greater protection to the information.

Likewise, these strategies and aspects for protection and control are based on established frameworks at the level of regulatory elements that must be developed to carry out adequate management and control, as is the case of the implementation of ISO 27001: 2013 and the Standards of PCI_DSS data security and national level recommendations through the Ministry of Information and Communications Technologies of Colombia.

AS • NET, recognizes information as a vital asset for the development of its business processes. So, to reduce risks and protect this information, it is necessary to implement an adequate set of controls and procedures to achieve a correct level of information security and also manage these controls to maintain and improve them over time.

For the establishment, implementation and improvement of the necessary controls and procedures an Information Security Management System – ISMS is defined, which will help manage risks, focus efforts on information security and achieve the protection of your assets of information.

The adoption of the ISMS is a decision of senior management of AS • NET and is influenced by the needs and expectations of the stakeholders and the strategic objectives of the organization.

The ISMS makes it possible to efficiently manage the protection of information, seeking to ensure the confidentiality, integrity and availability of information assets, through risk management. Guaranteeing our clients the security and commitment for the protection of their data. Therefore, it has relied on the definition of policies that seek to define guidelines that allow the achievement of the ISMS objectives. These policies can be consulted in the reference mentioned below:

For more information, see our policies:

PERSONAL-DATA-TREATMENT-POLICY_SIPO-04-V3

INFORMATION-SECURITY-POLICY_SIPO-08-V1