Awareness-raising on Information Security
|
A total of 9 information security awareness-raising sessions were conducted in 2021.
|
Information Security Related Education and Training Program
|
A total of 4 information security education training sessions were conducted in 2021.
|
Syslog Server Import
|
Strengthen the storage of various logs in the NG Firewall and centralized Server (AD&VPN account access, DHCP, DNS, DB, and other logs) and network device logs.
|
Vulnerability Scanning and Evaluation
|
Evaluate the existence of known vulnerabilities by scanning various network devices and system servers in the Company’s network environment through vulnerability scanning, and analyze and fix the vulnerabilities for effective and feasible improvement solutions to achieve the purpose of reducing information security risks.
|
Firewall Protection
|
Examine the firewall to set connection rules so as to ensure that malicious attacks are blocked.
|
Additional application is required for special connection needs.
|
User Access Control System
|
Control user internet behavior with an automated website protection system.
|
Automatically filter users’ access to websites that may contain Trojan horses, ransomware or malware.
|
Data Loss Protection (DLP)
|
Conduct daily data access and loss protection control using DLP.
|
Data monitoring and protection
|
Conduct weekly monitoring measures for USB data copying, cloud uploading, shared slot data access and Web data uploading. If abnormal usage records are found, the Company will notify the departmental senior officer or those holding a higher ranking according to the relevant information.
|
Anti-virus software
|
Adopt anti-virus software and update virus patterns automatically to reduce the chance of virus infections.
|
Operating System Updates
|
The operating system is updated automatically. If the system is not updated for any reason, the Information Management Department will assist in updating it.
|
Mail Security Control
|
There is automatic mail scanning threat protection
|
to prevent unsafe attachments, phishing mail, and spam before users receive mail, with the protection extended against malicious links.
|
The anti-virus software scans personal computers for unsafe attachments after receiving emails.
|
Data backup mechanism
|
Perform daily backups on the important data system database.
|
Critical File Server Management
|
Store important files from all departments within the Company on servers and perform backups by the information unit.
|