Privacy and data security
The safeguarding of our customers’ personal information is of the highest importance to every employee. We do not sell, rent or disclose personally identifiable information to any third party for any reason that is not directly related to providing products and services, except as required by applicable law or specifically allowed in our privacy policy. Occasionally, we will use personally identifiable information to offer a customer new products and services; however, customers can opt out of such marketing at any time.
As a data privacy champion, we provide ongoing consumer education on how to protect personal data and more broadly, how to keep consumers and their families safe online. We recognize and support the principle that all organizations share the responsibility of being conscientious stewards of personal information. As such, we’ve undertaken significant efforts to educate our customers, employees and communities on safe online practices. We maintain and regularly update actionable tips on online safety and data privacy practices at consolidated.com/staysafeonline.
Internally, our employees are kept abreast of the latest cybersecurity risks and threats and are regularly required to participate in trainings and simulated attacks to keep our employees aware and attentive, thereby minimizing risks to our network and business systems.
Information security
We take Information Security very seriously and are constantly monitoring and taking proactive steps to ensure the safety of our networks, systems and data. Consolidated continuously strives to implement standards-based security and risk management best practices to protect our data, people, brand and shareholders. We are a trusted partner with a risk-based focus designed to support business growth while consistently exceeding our customers’ needs and expectations.
Business and personal interaction in the world today has become increasingly reliant upon the delivery of data of all types across telecommunications carrier networks. We recognize the need for these networks to be as secure, resilient and reliable as possible. Our company management takes a vigilant approach to identifying and addressing data security risks through its Information Security Risk Management and Governance programs. These programs include supply chain and vendor risk management activities, software, component analysis, and business impact analysis. Additionally, we have a comprehensive infrastructural security program which includes active monitoring and detection along with detailed triage and response plans that outline the steps necessary to investigate, identify and mitigate cyber security risks to company business processes. As part of its cyber security risk mitigation program, we carry Cyber Security Insurance, and senior leadership briefs the board of directors on information security matters quarterly. Biennially, we are assessed by the Department of Homeland Security against National Institute of Standards and Technology (NIST) 800-53 controls. In 2022, our company rolled out a comprehensive cybersecurity awareness program to educate employees about the cyber risks related to the technology they use.
As online activities and connected devices increase, legitimate concerns about data security, scams and identity theft are also increasing among consumers. We proactively monitor network traffic and use industry trusted best practices, tools, software and systems to keep our customers safe.