HOCHTIEF

IT SECURITY

Security principles in the area of information technology at HOCHTIEF CZ are based on the following documents and legislation:

  • Law on Personal Data Protection No. 101/2000 Coll., as amended
  • ČSN ISO/IEC 17799 Information Technology – Code of practice for information security management
  • ČSN ISO/IEC TR 13335 Information Technology – Guidelines for IT security management
  • The HOCHTIEF standards for work in the field of information technology

The aim of the individual measures implemented within the security strategy of HOCHTIEF CZ is primarily:

  • Ensuring of proper and safe operation of the system
  • Minimizing the risk of system failure
  • Ensuring integrity of the system and information
  • Ensuring maximum system availability
  • Preventing damage to the assets and disruption of the company´s  activities
  • Preventing loss, modification and misuse of information
  • Protection of confidential and secret information
  • Protection of the trade secret

The main safety principles used by HOCHTIEF CZ and used to achieve the above mentioned objectives are:

  • Ensuring physical safety of the individual parts of the system
  • Ensuring protection of the system against critical conditions
  • Ensuring emergency measures including contractual security of correction of the critical elements of the system
  • Backups and data archiving
  • Clear identification of each user of the system by an account and password
  • Internet access for WAN users only through one place protected by Firewall
  • Use of regularly updated anti-virus software on all servers and computers
  • Antivirus control of electronic mail
  • Management of user access to data using access permissions
  • Two-level security of critical data and electronic mail – encryption