矽聯科技股份有限公司 - E首發票加值服務中心資訊安全政策
Silicon Union Technology Co., Ltd. - E-Invoice Value-Added Service Center Information Security Policy
一、資訊安全措施
I. Information Security Measures
1. 網絡監控與入侵偵測:
- 使用進階網路入侵偵測系統,持續監控網路流量,有效偵測及防止未經授權的存取、修改或破壞行為。
- Network Monitoring and Intrusion Detection:
- Advanced network intrusion detection systems are employed to continuously monitor network traffic and effectively detect and prevent unauthorized access, modification, or destruction.
2. 防火牆與防病毒技術:
- 裝設高效能防火牆,以防止非法入侵、破壞或資料竊取。
- 定期更新並運行先進的防病毒軟體,保障網站及使用者資料安全。
- Firewall and Antivirus Technologies:
- High-performance firewalls are installed to prevent illegal intrusion, destruction, or data theft.
- Advanced antivirus software is regularly updated and run to ensure the security of the website and user data.
3. 多因素身份驗證 (MFA):
- 對於敏感操作(例如登入、資料修改等)實施多因素身份驗證,以增強賬戶安全。
- Multi-Factor Authentication (MFA):
- Multi-factor authentication is implemented for sensitive operations (such as login, data modification, etc.) to enhance account security.
4. 資料加密:
- 對所有用戶數據進行強力加密,無論是在傳輸還是存儲過程中,以確保資料安全。
- Data Encryption:
- All user data is strongly encrypted, whether in transit or storage, to ensure data security.
5. 安全事件應對與恢復:
- 定期進行模擬駭客攻擊演練,以測試並優化系統回復程序。
- 實施定期數據備份至備援主機,確保數據的可靠恢復。
- Security Incident Response and Recovery:
- Regular simulated hacker attack drills are conducted to test and optimize system recovery procedures.
- Regular data backup to a backup server is implemented to ensure reliable data recovery.
6. 系統更新與維護:
- 自動接收並響應作業系統和應用軟件的安全更新通知,定期安裝修補程序(Patch)。
- System Updates and Maintenance:
- Automatically receive and respond to security update notifications from operating systems and application software, and regularly install patches.
7. 內外部安全審計:
- 定期進行內部和外部安全審計,