Privacy Policy
To provide you with the best website experience, we use Cookies and localStorage to improve our website for technical, analytical, and marketing purposes. By continuing to browse this website, you agree to the use of Cookies and localStorage.
Accept
CDWE Information Security Policy
CSBC-DEME Wind Engineering Co., Ltd. (CDWE) is dedicated to implementing a robust information security management system. We are committed to ensuring a secure working environment through comprehensive protective measures, effective management mechanisms, and enhanced security awareness among all employees. Our goal is to maintain the confidentiality, integrity, and availability of company data, information, equipment, personnel, and networks.

To fortify our defenses against internal and external threats, both deliberate and accidental, CDWE has established this Information Security Policy. This policy outlines systematic management practices designed to achieve comprehensive protection, safeguard user rights, and ensure operational stability.
Our Goals
  • Ensure the accuracy, completeness, and availability of information operations, and maintain operational continuity.
  • Protect the confidentiality, integrity, and availability of CDWE information assets, while safeguarding user data privacy.
  • Respect intellectual property rights and prevent unauthorized access, tampering, or improper disclosure of CDWE and employee information.
  • Ensure all information security incidents and suspected vulnerabilities are promptly reported, investigated, and appropriately mitigated.
Implementation 1. Management Measures
  • Network Intrusion Detection: Deploy a network intrusion detection system to monitor traffic and identify unauthorized access or malicious activities.
  • Firewall Protection: Install and maintain firewalls to block unauthorized intrusions, data theft, or destruction, thereby protecting user rights and the integrity of CDWE systems.
  • Anti-Virus Protection: Install and routinely update anti-virus software to ensure a secure web browsing environment through regular scans.
  • Data Backup: Perform daily data backups and store them on secure backup hosts to guarantee operational stability.
  • Security Patches: Regularly receive and apply the latest security patches from operating system and application vendors to mitigate vulnerabilities.
2. Personnel Management and Education
  • Employee Participation: All employees are expected to actively support the information security management system and adhere to relevant standards and procedures.
  • Training and Awareness: New employees must complete information security training, and the company conducts regular awareness activities to strengthen security skills and vigilance.
  • Account Management: Employees must safeguard personal accounts, passwords, and permissions. Passwords should be updated regularly, and personal information should not be
  • shared. When using shared or public computers, employees must log out and close browser windows to prevent unauthorized access. Third-Party Responsibility: Employees, vendors, and visitors who utilize company information assets must protect these assets from unauthorized access, tampering, destruction, or disclosure.

3. External Cooperation and Monitoring
  • Monitoring Center: Established a Security Monitoring Center was established to alert, analyze, and respond to information security incidents.
  • Social Engineering Drills: Annual social engineering drills is organized to enhance internal security measures and employee awareness.

4. Notification and Accountability
  • Incident Reporting: Any behavior compromising information security must be reported through the designated reporting mechanism for prompt investigation and resolution.
  • Accountability: Violations of information security policies may result in civil, criminal, or administrative actions, depending on the severity, as outlined in CDWE regulations.

CDWE remains committed to continuously improving our information security practices to protect our operations, employees, and stakeholders.