Starting from 2011, we have established information security management regulations that meet ISO 27001 standards and passed third-party certification and audit. We have also passed the re-inspections based on ISO 27001 standards each year.
For DMZ (servers that provide external services), office areas, data centers, production lines, and cloud services, we implement and improve information security protection measures and we also established KPIs for related management measures and daily monitoring mechanisms.
We work with information security intelligence sharing organizations to obtain early-warning intelligence as well as information on security threats and vulnerabilities.
The Company regularly organizes information security training and social engineering exercises to increase information security awareness.
We purchased cyber protection insurance with coverage for data confidentiality and privacy liabilities, network security liabilities, media liabilities, incident response, and business interruption to demonstrate our commitment to customers’ rights and interests.
