Information Security Policy Vision

• Enhance staff awareness.
• Avoid data leakage.
• Implement daily maintenance.
• Ensure that the service is available.

Information Security Objectives

• Conduct information security education and training to promote employees’ awareness of information security and strengthen their awareness of relevant responsibilities.
• Protect the company’s business activity information from unauthorized access and modification, and ensure its accuracy and integrity.
• Ensure that the company’s key core systems maintain a certain level of system availability.

Information security risk management measures

External threats

• Continuously block Internet attacks through firewall systems.
• Establish an external connection monitoring mechanism to detect abnormal account connection behavior of accounts.

System availability

• The device establishes a complete instant scan, behavioral analysis, suspicious network connection, and other endpoint protection mechanisms.
• Offsite backup and system recovery drill.

Internal information security management

• Network segmentation of production equipment to avoid the operation of a single device due to information security incidents.
• Set up file exchange protection and control mobile device access.
• Strengthen internal network visualization and build an instant network protection system for traffic analysis.

Employee information security management

• Information security advocacy irregularly.
• Education and training for new recruits.
• Conduct information security training for colleagues who have meetings with important customers.