loading
Data Privacy & Security

Data Privacy & Security

With integrity at the centre of everything HKBN, we make it a top priority to maintain and protect the privacy and data customers entrust with us.

data.title[lang]

Our Approach to Data Security

 

Steered by the senior management team, our approach to data security is reviewed and updated regularly with the goal of ensuring that our daily operations are in line with industry best practices.

 

Across HKBN, we stringently operate with data security & privacy policies that cover data security, cyber incident response policy, data classification, and data retention & destruction.

data.title[lang]

Responsibly Handling Customer Data

 

At HKBN, all confidential and sensitive information are encrypted with passwords or crypto keys, and can only be accessed by authorised personnel.

 

We’re open and honest on how customer data is managed, and communicate this through the publicly available Personal Data & Privacy Statement (PPS), the Personal Information Collection Statement, and related clauses that are described in our service agreements. Third party service providers are under an agreement of confidentiality and are contractually bound to use a customer’s personal data solely in connection with the purposes specified in the PPS.

 

Additionally, we responsibly retain and destroy collected data. For example, we do not store full credit card numbers; only 10 digits (out of the full 16 digits) of customer credit card numbers are stored, and we practice ‘tokenisation’ when processing credit card payments. Moreover, each customer’s Hong Kong Identity Card (HKID) number is only partially visible via our front-line system. To protect customer privacy, we also have a dedicated Data Protection Officer and a Personal Data Privacy Officer who ensure that personal data privacy and strict confidentiality are maintained.

data.title[lang]

How We Respond to Cyber Attacks

 

Our Cyber Incident Response Policy provides us with clear guidance on the handling of security incidents throughout the stages of identification, containment, recovery, reporting and post-incident evaluation. We employ cybersecurity tools and systems which continuously monitor and identify potential security incidents/breaches.

 

Whenever an incident is identified, we report it to our Audit & Risk team and our Board, and take immediate action to contain, investigate, and resolve. Two internal teams are authorised to handle cyber incidents, with our Cyber Incident Management team responsible for overseeing the entire response process and making critical decisions, while our Cyber Incident Response team is responsible for the handling of cyber incidents. We also commit to inform affected customers in a timely manner of any data breaches identified.

data.title[lang]

Security Awareness Inside HKBN

 

Cyber attacks are happening – all day, every day. And while we have some of the best cybersecurity tools and systems to keep our data and customer information safe from cyber threats – for context, over 3 billion phishing emails are sent worldwide everyday – the role of our Talents more critical than ever. Above all, the best defense against ransomware attacks is awareness.    

 

Mindful of the real dangers, we require all new joiners to complete training programmes which include mandatory learning about data security and customer privacy. Throughout the year, we provide all Talents with an extensive regimen of data security exposure, including monthly 5-minute videos to raise awareness about key cybersecurity threats, impromptu phishing email assessments, best practice training modules (covering topics like data classification, password creation and software security), and much more.  

data.title[lang]

Cybersecurity for Residential & Enterprise Customers

 

As a leading ICT company, we have the expertise to help customers – at home and in the business environment – stay protected in an interconnected digital world.

 

As cyber threats and attacks continue to rise, we offer services to equip residential customers and their family members with the monitoring and security tools to keep their data and devices safe from hackers. For enterprise customers, our full suite of cybersecurity solutions include cloud-delivered security protection starting at the DNS level, managed security services, 24/7 network & gateway security monitoring, endpoint security for devices and a lot more.

Our Work

Security Starts with All Talents

 

Most data breaches happen because of simple human error, as scammers often use phishing emails (typically impersonating a superior, colleague or business partner) to target unsuspecting employees. Mindful of the real dangers, HKBN follows a strict ironclad security approach, which comprise compulsory multi-factor authentication of work devices, non-stop security training for our Talents, impromptu internal phishing email assessments, and much more. The goal is to operate with a trifecta of cutting-edge monitoring & security, and one of the most security-aware teams of Talents.