Conduct information security education and training to promote employees’ awareness of information security and strengthen their awareness of relevant responsibilities.
Protect the company’s business activity information from unauthorized access and modification, and ensure its accuracy and integrity.
Ensure that the company’s key core systems maintain a certain level of system availability.
Information security risk management measures
External threats
Continuously block Internet attacks through firewall systems.
Establish an external connection monitoring mechanism to detect abnormal account connection behavior of accounts.
System availability
The device establishes a complete instant scan, behavioral analysis, suspicious network connection, and other endpoint protection mechanisms.
Offsite backup and system recovery drill.
Internal information security management
Network segmentation of production equipment to avoid the operation of a single device due to information security incidents.
Set up file exchange protection and control mobile device access.
Strengthen internal network visualization and build an instant network protection system for traffic analysis.
Employee information security management
Information security advocacy irregularly.
Education and training for new recruits.
Conduct information security training for colleagues who have meetings with important customers.